Tips for effective Cloud Security: Secret Sauce for good digital Transformation

Cloud Technologies will be at the forefront of digital transformation mainly for storage of data, easy access to data, Scalability, and many more. Cloud service makes it easier for small tech companies or startups to develop software without bothering about buying servers, infrastructure, and setting up networks. Buy a package from any of the major cloud providers and pay as you scale.

For large enterprises, it is mostly about convenience. The large swathes of datasets can be stored in the cloud, Data processing can be faster and easier. Software as a service is a godsend with everything related to software outsourced to the cloud partner.

It’s a relief for business continuity as companies don’t have to maintain the cold site, hot site, or warm sites. Everything is backed up in the cloud, employees work remotely. If the site, goes down in way of a pandemic or natural disaster, work can be up in seconds.

What can be a spoiler for a cloud party?

When we outsource to a cloud service provider (CSP), laymen have a misconception that CSP will take care of all the security as everything is going to the cloud. However, the customer is accountable for security, even though CSP is responsible for it. If there is a data breach, the customer has to answer the authorities, not the cloud provider.

The second area where cloud security fails is access control. The customer is responsible for configuring the access to the cloud and if it’s set weakly it becomes a target for hackers. Remember social engineering and weak passwords mean that your cloud and your data and its secrets are out for ransom and manipulation.

The third area where the customer has to analyze is how the strictly confidential data has to be stored. For example, as per the procedures, defined by the customer, it could be that strictly confidential information after its use has to be permanently destroyed. Will a cloud service provider give this facility? There are alternative methods like encrypting the data and destroying the key. Now it’s a question of trust, whether the said data is destroyed or can be recovered.

How to secure your cloud

Securing the cloud can be done with governance, risk management, and compliance. For any cloud implementation, effective cloud controls are required to protect the cloud from vulnerabilities and mitigate the risk of malicious attacks. There are various frameworks for cloud security with the Cloud security alliance Cloud control matrix being the prominent one. Due diligence has to be done when selecting a cloud service provider. Audits and assessment results have to be reviewed and actions implemented. The company’s employees should know about cloud operations so that everything is not left to the cloud service provider.

How can agility help here?

As with any security, Cloud security has to be baked into the process. Being Agile is the best way to do it here. Have these cloud security requirements, get into the product or implementation as features, and then into user stories.

Conclusion: Securing your cloud is important as the major asset of your organization- the data and services will eventually move into the cloud as part of the digital transformation journey. Not everything can be in a private cloud as organizations need to move faster with development using SaaS or Paas. Then it becomes imperative that appropriate cloud controls are available to secure the cloud.


Outline/Structure of the Talk

Introduction to the cloud and Digital Transformation: 5 mins

Problem with Cloud:  security concerns: 10 mins

How to secure your cloud: 15 mins

Benefits of securing the cloud: 10 mins

Conclusion: 5 mins

Learning Outcome

To learn about cloud security and tips to look for migrating to cloud , for greater acceleration

Target Audience

All conference attendees

Prerequisites for Attendees



schedule Submitted 2 weeks ago

Public Feedback

comment Suggest improvements to the Author
  • Leena S N
    By Leena S N  ~  2 days ago
    reply Reply

    Hi Amritha,

    Thank you for the submission. For the reviewers to better understand the content and your presentation skills, can you please provide the following?

    • While the introduction talks about the problems, it's unclear what is your proposed solution. Are you sharing your experience or presenting a case study? This will also help the attendees to understand and correlate your talk better. The description looks too lengthy for a 20-minute talk.
    • The outline lacks how are splitting your time. Please provide more details to make it clear how you are utilising the 20 minutes effectively.
    • Also, provide sample slides and a video of your presentation. This will help us understand your presentation skills. In case you don't have a video, you can record a short video and share it here.



    • Amritha George
      By Amritha George  ~  1 day ago
      reply Reply

      Thanks, Leena for your comments. I have incorporated your points in the submission.

  • Jakub Jurkiewicz

    Jakub Jurkiewicz - Agile recruitment - the missing step in your agile transformation

    Jakub Jurkiewicz
    Jakub Jurkiewicz
    Agile Coach
    Agile Coaching Lab
    schedule 1 month ago
    Sold Out!
    45 Mins

    If we want to build agile organisations we need to recruit with agility in mind! If we care about people and interactions, we should create space for people to shine and where people can collaborate.

    What if the candidate does not fit any of our boxes? How could we respond to that and embrace this opportunity? What about hiring for culture-fit? Or is culture-add is even more important? What could happen if we redesign our recruitment processes looking through the lenses agile values and principles?

    In this talk we will explore how agility could help us shift the conversations in the recruitment processes, and how we could start recruiting for culture-add and hire people that will accelerate our agile transformations.