Beginning Next Week: InsideCounsel will become part of Corporate Counsel. Bringing these two industry-leading websites together will now give you comprehensive coverage of the full spectrum of issues affecting today's General Counsel at companies of all sizes. You will continue to receive expert analysis on key issues including corporate litigation, labor developments, tech initiatives and intellectual property, as well as Women, Influence & Power in Law (WIPL) professional development content. Plus we'll be serving all ALM legal publications from one interconnected platform, powered by Law.com, giving you easy access to additional relevant content from other InsideCounsel sister publications.

To prevent a disruption in service, you will be automatically redirected to the new site next week. Thank you for being a valued InsideCounsel reader!

X

Security, compliance concerns at the heart of cloud solutions

Firewalls, security keys and compliance are essential components to any cloud solution

The cloud has proven to be a valuable tool for companies of all sizes in every industry. Cloud storage, communications and applications can save companies money, manpower and time and bring them to the cutting edge of modern technology. But putting data into the cloud does create concerns for businesses, mostly in the areas of security and compliance. 

While security has come a long way, companies in certain highly regulated industries like healthcare and finance, must ensure that security standards are up-to-date and aligned with regulatory specifications as laid out by HIPAA, PCI/DSS, etc. Here are some security features to keep in mind when assessing a cloud provider: 

  • Firewalls: The latest firewalls combine intelligent applications that constantly monitor for suspicious activities, protecting internal resources and monitoring databases that track malevolent operators.
  • Security keys: Organizations that operate in highly regulated spaces are best served by owning the encryption keys, rather than letting the provider own them. This works best when data is housed in a hybrid deployment, both in the cloud and on-site.
  • Certificate monitoring: It is important to monitor security certificates, set up alerts to know when certificates are expiring or interacting oddly with other services, and knowing the origins of your certificates.

Finally, companies must ensure that they and their cloud providers are compliant with all relevant regulations. This is of paramount importance to general counsel and chief compliance officers. They must investigate which providers meet certification standards of the regulations in question. Companies should inventory all systems, categorize them based on risk level, implement security controls, while conducting continuous risk-assessment audits and monitoring. In this way, businesses can experience the benefits of the cloud while minimizing the risk involved.

 

For more information on the cloud, check out the stories below:

Modernizing privacy for the new IT

Technology: Are there clouds on your board’s radar? 

Technology: The impact of digital age innovations on the attorney-client privilege

Senior Editor and Community Manager

author image

Rich Steeves

Richard P. Steeves is Senior Editor and Community Manager of InsideCounsel magazine, where he covers the intellectual property and compliance beats. Rich earned a B.A....

Bio and more articles

Join the Conversation

Advertisement. Closing in 15 seconds.