Recent Forrester research on cloud governance best practices created quite the buzz in the security community.
With corporate competitive pressures to reduce IT operations and security costs, transitioning workloads and data to the cloud is unstoppable — but the most difficult question is how to govern the process to ensure a predictable, accountable, and scalable transition, and resulting cloud infrastructure, that accounts for the diverse interests of the internal stakeholders and the regulators. This latest Forrester Research report gives cloud leaders a blueprint and best practices for cloud governance and accounts for stakeholders, workload targets, processes, and tools.
On average, surveyed infrastructure technology decision-makers at enterprises in North America and Europe report that 31% of their infrastructure is in an owned facility, 20% in a co-located facility, 24% in a public cloud, and 25% hosted or outsourced in another environment. This, paired with the reported hundreds of SaaS applications in use as well as increasing pressures for General Data Protection Regulation (GDPR) compliance, emphasizes that (sensitive) enterprise data is everywhere.
Cyber experts weighed-in on Forrester's new best practices.
Howard Ting, CEO at Cyberhaven:
“It's obvious the cloud is uncovered real estate for most enterprise data protection programs and there is a mad rush to deploy tools to provide visibility and control of data in the cloud. We must avoid, however, creating yet another silo of policies and tools for organizations to deploy, manage and monitor. The only effective approach is a unified data protection platform that spans cloud and on-prem environments.”
Rick Holland, Chief Information Security Officer, Vice President Strategy at Digital Shadows:
“Gaining and maintaining executive support is critical for any cloud governance model. Governance can be perceived as an impedime