In a post Snowden world it is clear that for cloud data security, we need strong encryption. When properly implemented, encryption in the cloud reduces risk to levels acceptable for sensitive data.
There is no doubt data protection in the cloud computing era is never going to be a ‘one size fits all’ kind of a solution. It requires a 360-degree view of the company with 365-days a year dedication.
The best place to start is with a risk analysis so you know what kind of data you have, its levels of sensitivity, who’s using it, where it’s used and stored, and how and where and over what technologies it’s going to ‘commute’. You need to understand your company’s data – in terms of technology and human weaknesses. Data should be unreadable to an attacker. It must be incoherent at all times to anyone other than you and your trusted personnel: while it’s travelling – or you are; whether it’s in transit, storage, stopping, or resting, data is safest in encrypted form.