Defining Security Policies for Data
Data is an important asset of any company. Enterprises store their data more and more in multi-cloud setups. How do they secure data? All cloud platforms have technologies to encrypt data but differ in how they apply encryption and store and handle keys. But data will move from one cloud to another or to user devices, so it needs to be secured in transit, next to data at rest. This is done with encryption, using encryption keys. These keys need to be secured as well, preventing non-authorized users from accessing the keys and encrypted data.
Before we discuss data protection itself, we will briefly talk about data models and how we can classify data. We will explore the different storage solutions the major clouds offer. Next, we will learn how data can be protected by defining policies for data loss prevention (DLP), labeling information to control access, and using encryption.
In this chapter, we’re going to cover the...