5 Best Practices for Data Protection in the Cloud

5 Best Practices for Data Protection in the Cloud

GUEST REVIEW: Cloud data security measures are critical to data privacy and network security.

By 2025, Gartner predicts that more than 95% of new digital workloads will be deployed on cloud-native platforms, up from just 30% in 2021. Despite the rapid transition to the cloud, most enterprises they do not have an adequate cloud security strategy to ensure the safety of data stored in the cloud.

79% of companies experienced a data breach

The rapid shift to doing business online and working remotely has introduced multiple security and data protection issues. According to a poll, 79% of companies experienced at least one cloud data breach between 2021 and 2020, while 43% of companies reported more than 10 breaches. If cloud data is compromised, companies risk loss on multiple levels, including revenue, reputation, and business continuity. The average cost of a data breach it’s $8.64 million in the US, and it typically takes a business 280 days to find the problem, fix it, and recover.

99% of failures will come from the client side

According to Juta Gurinaviciute, director of technology at NordLayerCloud Service Providers (CSPs) bear primary responsibility for the security and seamless delivery of their services, but in a multi-cloud environment, corporations bear full responsibility for data protection. According to Gartner predictions, by 2025, 99% of cloud security failures will be caused by client-side security issues, not cloud provider-side. Gurinaviciute says, “Attackers can breach data in a cloud environment due to misconfiguration, poor encryption, faulty key management, and insufficient credential management.”

However, businesses can mitigate cyberattacks with proper security controls and practices. According to Juta Gurinaviciute, director of technology at NordLayerThese are industry best practices that help mitigate data protection risks in the cloud.

1. Select a trusted provider

Both cloud providers and customers must take equal responsibility for ensuring the security of data in the cloud. However, companies leveraging the cloud must choose a trusted provider with the appropriate industry certificates that meet compliance standards. Additionally, companies should inspect suppliers’ remote management tools.

2. Implement encryption

The more cloud environments a company uses, the more vulnerabilities cybercriminals can exploit in its infrastructure. Implementing a consistent access and control structure becomes complicated and time consuming when data is dispersed across multiple cloud providers. As a solution, companies create a key management system that can only be accessed by users who need it.

Additionally, it should be imperative to protect sensitive data both in transit to the cloud and at rest. Encryption is a popular tool for protecting data both in transit and at rest. Businesses should choose to encrypt sensitive data before moving it and/or use encrypted connections (HTTPS, SSL, TLS, FTPS, etc.) to protect the content of data in transit. On the other hand, companies can protect data at rest by encrypting sensitive data before it is stored in the cloud.

3. Strict access with zero trust

Companies can take advantage of the zero-trust architecture and only grant users access to the data or systems they need. They can create well-defined groups with assigned roles to grant access to specific resources. A zero-trust security approach includes the ability to identify and have complete visibility into the applications in use and who is using them. This allows security teams to enforce least privileged access and ensure the corporate network is visible and secure.

4. Secure end user devices

Businesses must defend endpoints like laptops, mobile phones, and desktops on their networks that have access to the cloud because endpoints act as access points to all cloud processes. Mobile devices can be lost or stolen and then used to access the cloud by bad actors. Encrypting data on these devices is another critical action to minimize risk. Also, if a BYOD (bring your own devices) practice exists in the company, it can increase susceptibility to cyberattacks because the company has no control over what software is used on personal devices. Therefore, companies must monitor traffic and restrict what data can leave or enter their systems.

5. Consider a CASB

Companies can use multiple cloud computing services from several different providers. Designed to ensure that cloud security policies are followed, Cloud Access Security Brokers (CASBs) make the most sense for organizations that use multiple cloud computing services from multiple vendors. If these solutions are integrated with zero trust, it is possible to bring together a variety of security services, such as access control and authentication, as well as behavior monitoring, encryption, and virus detection.


NordLayer is an adaptable network access security solution for enterprises. Helps organizations of all sizes meet scaling and integration challenges. Moving toward an ever-evolving SASE ecosystem, NordLayer is quick and easy to deploy with existing infrastructure, has no hardware, and is designed to scale. As a cloud-native solution with an easy-to-use interface, NordLayer offers protection for businesses of any size, complexity, or work model, including remote or hybrid workplaces. More information: www.nordlayer.es

Leave a Comment