Cloud services are increasing, and many organizations are considering adopting this capability to support their daily operations. Many organizations are seeking alternatives that will allow them to shed some responsibility for providing their own network and server storage and possibly reduce costs in the long term. Your supervisor informed you that the organization elected to adopt a cloud service provider to handle all file storage, email, and common office applications used to develop and process spreadsheets, documents, and presentations. Senior leadership felt the cloud service would help reduce costs to the organization and wants to move forward on contracting a service within the next six months.
Management is very concerned about the security of organization information that will be stored in the cloud. Your supervisor tasked you to write an information security strategy to outline security requirements for data storage in the cloud to address management’s concerns.
Write a 1,750- to 2,100-word information security strategy that addresses security requirements the organization will require the cloud service provider to have in place before information is transferred to the cloud.
Include the following in your information security strategy:
A process to ensure the data is secure when being transferred from the organization’s servers to the cloud service provider.
A method that provides for only authorized personnel to access the data stored within the cloud.
Measures to ensure data at rest (data being stored on the server(s)) is secure.
Steps to take should you learn a cyber incident occurred resulting in a loss or theft of data.