Recently, we conducted a mini-webinar series on Managing Security for eDiscovery with Modus Discovery CIO John Crites. In this week’s blog, part 2 in a series, we cover cloud security.
Cloud security is one of the most misunderstood aspects of security. People simply do not trust the cloud. They say: It’s the un-cloud. It’s undefined. It’s unsecure. It’s unknown. It’s unmanageable. But nothing could be farther from the truth when you dig in. Securing information in the cloud can be accomplished
In this webinar, we discuss two different definitions of the cloud. The first is the typical cloud.
This cloud gave cloud-based security a bad reputation. An example is iCloud, where many people have contacts, music and pictures backed up. Who is managing the security of all that information? Somebody at Apple is managing it, but is that good enough? Where is that data? Is it shared with other people? They say it isn’t, but do we know for sure? Are they following NIST security standards? This is the kind of cloud environment that gives people a very uncomfortable feeling when they are storing and doing business in the cloud.
There is another, different kind of cloud. This kind of cloud is more co-location than cloud. If your computing center is on the Internet, you are already in the cloud to begin with. A good example of this cloud is Amazon Web Services. Amazon has a lot of high end security features. By using Amazon, users can manage the security. Users have control of all security provisions in the environment. The location of data is guaranteed. Users have a dedicated virtual private cloud or a VPC resource. Access to AWS meets NIST and ISO standards, security for eDiscovery can be customized.
AWS also has a lot of next generation tools, such as firewalls, utilities to detect intrusions, vulnerability scanning, controlled access and more. The secret here is leverage somebody else.
Be smart and do not avoid advances in security because the word cloud is involved in the description. Be smart. Know when you’re dealing with something akin to iCloud versus the Amazon cloud.
In the recording, you will also learn:
- Who the Department of Defense uses to store its data.
- What is FedRAMP and why does it matter to eDiscovery?
To watch Part Two of the mini-webinar series, click here now.