By David Linthicum
Continuing our discussion from my last blog in July, perhaps it’s helpful to drive deeper into security approaches and technology for use within clouds that serve the healthcare vertical. We’ll start by focusing on the fundamentals of cloud security for healthcare. However, some of this is transferable to other verticals as well.
First fundamental: Understand the data that will reside in the cloud
Healthcare data has something in common. It’s dangerous to manage, unless you know exactly what you’re dealing with.
As we migrate health data to the cloud, it’s important to understand the data that will reside in the cloud-based systems, in terms of compliance and security requirements. This means understanding what is PII data, and what is not, as well as dealing with specific security requirements around encryption. This includes data in flight, and at rest.
Second fundamental: Identity-based security …