Challenge: Every organization needs to collect data for analysis, but how do you ensure secure data collection, especially in the day and age of BYOD?
Solution: Input validation and filtering are imperative for straining out malicious data and ensuring that only the proper information is collected from all enterprise endpoints.
Unfortunately, proper input validation and filtering can be quite difficult, particularly in the cloud. The Cloud Security Alliance recommends a three-step hybrid approach:
1. Develop secure data collection platforms and applications, especially when data will possibly run on untrusted devices.
2. Identify possible attacks, such as a Sybil attack and ID spoofing, and mitigate them.
3. Know that malicious content may enter the system, develop algorithms to detect and filter out this data.