Like in all areas of cloud security, the use of data should be risk-based; but not all data is equal. For example, encrypting every single bit of data in all your SaaS applications, because you don’t trust that provider at all; likely means that you shouldn’t be using the provider in the first place! Encrypting all data cannot be a "cure-all" and may lead to a false sense of security, e.g., encrypting data traffic without ensuring the security of the devices themselves. Often information security is considered data security, but in our session today we will focus on those controls related to securing the data itself in the cloud, of which encryption is one of the most important.

You don't want a hacker to treat your cloud like it's a Pinata to burst it and have a data pour! The only reason your cloud should burst is to direct overflow traffic from your private to a public cloud so there’s no interruption of services. This session aims to bring your cloud security all the way down to the data. We will cover topics like:

• The Cloud Data Lifecycle
• How to design security strategies for data protection within a cloud environment. The key controls and processes are:
  • Access controls
  • Encryption
  • Architecture
• Enforcing information lifecycle management security

Speaker: Leena Bongale 

Leena Bongale is a recognized industry expert with over 18 years of experience in Information Technology and specializes in Information Security and Management. She is currently the Cloud, Crypto & Infrastructure Specialist at TD Bank. Leena is an accomplished consultant, speaker, trainer, writer, and columnist, and holds a master's degree in Cybersecurity from the University of San Diego. She also has achieved industry certifications including CCSP, CRISC and SAP BI. Leena regularly speaks, writes, and blogs for some of the most recognized tech companies today on topics including cybersecurity, cloud adoption, business continuity, and compliance.