Database security boils down to these three things: • The registry

interview Securing cloud databases boils down to three things, according to John Yeoh, global vice president for research at the Cloud Security Alliance (CSA).

“Look at protecting the data itself, protecting the people accessing it, and protecting how people access it — the networks and applications that provide access to your data,” Yeoh said The registry.

Easier said than done, of course, as the amount of data companies need to accumulate and then protect is growing exponentially.

Luckily, CSA educates businesses about cloud security best practices. And in conversation with The registrywhich you can view below, Yeoh discussed some of these best practices.

Strong encryption is key, especially when it comes to protecting critical databases. And while we’ve gotten pretty good at encrypting data at rest and in motion, newer technologies like confidential computing, which processes data in private storage using hardware-based secure enclaves, offer a way to protect the data in use.

Also, most cloud providers now offer confidential computing services.

Also: block identity and access, Yeoh said. “Who is accessing this information in your systems?” he asked. “Not just about people and users accessing information, but also about devices and endpoints.” ®