In this episode, Matt Kelly and I take a deep dive into the issue of two factor authentication of cloud-based solutions and the intersection with compliance. While it may not appear as obvious, when you consider such preventative controls as authentication at log-in as a risk management strategy, the compliance angle becomes more clear. Two factor authentication is a current response to the risk of data breach through hacking. It requires a policy, training on that policy, coupled with communications and the ongoing monitoring of strategy.
When you couple all the above you can see the role compliance will play going forward. As with any best practices compliance program, it all starts with a risk management strategy. Begin with forecasting on whether you will use any cloud-based apps (you do), then move to a risk assessment follow up with risk-based monitoring. It all starts with the nuts and bolts of compliance and continues throughout the process.
Matt Kelly’s piece Let’s All Freak Over Cloud Apps, Security