In this webinar, CEO of CipherPoint, Mike Fleck, joins us as we explore security in an Office 365/Dedicated hybrid cloud model. Organizations need to consider the confidentiality and availability implications of SharePoint when offered by a private hosting provider as opposed to a public Cloud offering. These differences include data residency, your ability to perform due diligence, and confidentiality/availability guarantees. Restricted information, however, needs to be secured no matter where it’s stored and processed. During the latest Fpwebinar, we explore the private and public hosted SharePoint offerings and the strategies you can use to architect a hybrid approach to meet both your business and security objectives.
Office 365 is simply hosted SharePoint by another name. As such, organizations need to understand and consider the confidentiality and availability implications of SharePoint offered by a managed hosting provider as opposed to a public Cloud offering. There are major differences between private and public Cloud offerings in terms of data residency, your ability to perform due diligence, and confidentiality and availability guarantees. Restricted information, however, needs to be secured no matter where it’s stored and processed. Luckily, private and public hosted SharePoint offerings and strategies can be developed to architect a hybrid approach that meets both your business and security objectives.
Data and Device Security includes using least privilege design, creating a separation of duties principle, only use unique user identities, do not use shared accounts, and always require complex passwords.
Network, Hosting, and Application Security includes network firewalls and monitoring, penetration testing, vulnerability scanning, intrusion detection, patch management, and anti-virus and anti-malware.
Physical and Human Security includes building access control, visitor logs, physical data center security, employee screening, and employee awareness training and job descriptions.
Compliance and Incident Response Security includes the creation of an incident response policy and a corporate information security policy, using third party auditing and accreditation, and designating compliance offers or teams.
When choosing a cloud provider, it is important to do your research. Important areas to look into when research providers include:
While the public cloud has superior economies of scale because of their cookie cutter offerings, they have highly limited ability for you to do your due diligence or for you to customize your environment. Furthermore, public clouds often have lower service levels than private clouds and they have a high volume of compelled disclosures.