Top requirements for operating data in the cloud
The Cloud Security Alliance (CSA) Cloud Data Governance (CDG) working group today introduced the results of its Cloud Consumer Advocacy Questionnaire and Information Survey.
The questionnaire asked consumers to provide their input on the current state of public cloud provider maturity in addressing the following key issues, which were previously highlighted in the CSA’s Security Guidance for Critical Areas of Cloud Computing:
- Data discovery
- Location of the data
- Data aggregation and inference
- Comingling data with other cloud customers
- Use of data security controls
- Encryption and key management practices
- Data backup and recovery schemes for recovery and restoration
- Data remanence or persistence.
“Cloud computing shifts the emphasis from “systems” to “data”, and as a result, stakeholders need to be aware of the best practices for governing and operating data and information in the cloud” said Ryan Ko, one of the co-chairs of the CDG working group.
“With this initial survey, we aimed to capture the current state of data governance and data security capabilities offered by leading cloud service providers. These results will be extremely useful for our future guidance and research on best practices for data governance and security in the cloud,” he added.
The group surveyed almost 50 subject matter experts in senior technical roles at organizations including the industry’s largest cloud providers worldwide. In addition to the survey results, the initial paper also provides working group recommendations in each area, to be expanded upon in future work products.
The full survey results can be found here.