Summary: While cloud computing provides compelling advantages and solutions to many IT and business challenges, and is rapidly changing the way we do business at CSU, it has also created a whole new landscape of threats and security risks. As we continue to provide students with more robust, seamless and personalized computing experiences, and move critical systems and applications to the cloud, we must continually question if our existing security appropriately addresses evolving needs and expands to include privacy, safety, and reliability as campuses become more digital. Truth is business-as-usual traditional security is not able to keep pace with cloud adoption. Instead both the business and IT have a shared responsibility for taking care of security by aligning around appropriate governance, policies, procedures and best practices to reduce security risks and protect systems and student data.

What we will discuss

In our presentation, team members will discuss practical approaches to improving an existing security program. We will examine:
• How using a cloud security risk assessment to determine if current security toolsets prioritize appropriate security controls.
• How to approach the three key stages in cloud security: 1) Monitoring the Data 2) Gaining Visibility to the data, and 3) Managing Access.
• Seeking and leveraging solutions based on cloud security industry best practices.
• Key components of cloud security governance and how these must become standard security practice.

What attendees will take away:

Attendees will gain insight into the various toolset, assessment reports, best practices and audit mechanisms used to assess the cloud environment for a comprehensive cloud security. Presenters will share the tool that they have implemented and optimized for CSU to continuously measure and gain visibility into the efficacy of the hybrid cloud IT environment. They will also share lessons learned in fostering this new collaboration.