+1(978)310-4246 credencewriters@gmail.com

see attached

This is the Should Highly Sensitive Data Be Stored in the Cloud work you have done a week

ago. Each reply must be at least 1 paragraph and 100 words in overall length. Each post must

address the original post and can either agree or disagree with the original poster’s position. As

with the original post – support your arguments, but you are only required to have 1 supporting

argument and cite at least 1 external source for this reply.


Three policies that any organization should use to ensure data in the cloud remains private and


1. Educate employees on Cloud Security.

2. Encrypt data in transition and at rest.

3. Strengthen identify and access management (IAM)

Organizations should educate employees on cloud security to avoid loss of sensitive information

to unauthorized users due to human error. According to IBM’s Cost of a Data Breach Report,

24% of data breaches were caused by human error and seven out of ten employees are not

adequately trained in cybersecurity awareness per MediPRO (Anonymous, 2020). I believe

educating employees on how identify phishing attacks, differentiate secured from unsecured sites

and encouraging them to install security software will mitigate the risk of losing sensitive data.

The second policy that any organization should use to ensure data stored in the cloud is safe from

cyber-attacks is encrypting data. Sensitive data in transit and at rest should be encrypted at all

times (Pangam, 2017). This allows an organization to comply with privacy policies, regulatory

and contractual obligations for handling sensitive information (Pangam, 2017). I believe

encrypting data during transmission and at rest minimizes loss of sensitive data due to human

error or cyber-attacks.

The last policy that any organization should use to ensure data stored in the cloud remains

private and secure involves strengthening identity and access management (IAM). IAM helps

organization by streamlining and automating identify and access management and eliminates the

need for IT team to manually assign access controls, monitor, update privileges or deleting

accounts (Alvarenga, 2022). Additionally, organization can implement single sign-on to

authenticate user’s identity and allow access to multiple application using one set of credentials

(Alvarenga, 2022). Single sign-on would decrease the likelihood of password-related hacks and

combining it with multi-factor authentication (MFA) would add an additional layer of security to

the organization (McKeown, 2021). At my job, we use single sign-on, and MFA and I believe

this policy safeguards my company’s sensitive data.

As a citizen, we should b

error: Content is protected !!