As you might already be aware, data integrity, one of the key aspects in Information Security, means that the degree to which data is consistent, accurate and complete over its entire lifecycle.

To maintain it, you and the cloud PROVIDER must, hand-in-hand, provide such assurance.

First, assure the data cannot be modified by an unauthorized individual, entity, or program. This could happen by DEPLOYING Access Controls through Access Control Matrix (ACM) or Access Control List (ACL) revealing username, role, privilege, menu, function and object. The forensic tool may be also needed to recover from the accidental deletion by authorized users. In addition, implement also another control, checksum, to verify integrity.

Second, have data backup for occurrences like a power outage, database crash, storage failure. Given that the data is corrupted, try to identify the ROOT cause then recover it in immediate. If it doesn’t go through, restore correct data from the backup. Regardless of the storage media utilized for the backup, always put it in separate logical or even better physical premise and location. A secure, confidential, safe one, obviously. Security policy, both logical and physical, applied to primary and backup data must be the same.

Third, implement ALGORITHMS and protocols namely Message-Digest algorithm 5 (MD5), Advanced Encryption Scheme (AES), Secure Hash Algorithm (SHA) and Rivest–Shamir–Adleman (RSA) to provide maximum levels of integrity management from any tampering or unauthorized access, specifically for data stored in the public cloud.

Fourth, getting data integrity verified through IT Audit activities. It could be possibly conducted by internal (from your side/provider end) or external entities (third-party/independent). As the 3rd layer of defence inside an organization, IT Auditor will be assessing, validating and testing IT General Controls and IT Application Controls as necessary to verify the consistency, accuracy and completeness of certain static as well as dynamic data.