Are Cloud Services Secure Enough For Your Business?
Subscribe to vXchnge Blog
Businesses everywhere are moving more processes to the cloud. According to syntax.com, “In 2008, the cloud computing industry was $46 Billion. In 2014, it’s $150 Billion. That’s a growth of over 300% in 6 short years.” The question becomes, how can we get the benefits of cloud services like online file sharing while keeping our data safe?
Concerns with cloud
It used to be that securing the perimeter of your traditional data center using firewalls and intrusion detection systems was enough to keep out trouble. Now companies are moving more processes to the public cloud where IT departments have little control over security. When you combine that with mobile devices and BYOD, the potential problems increase.
Here are 5 steps you can take to increase cloud security:
1. Perform a security audit
With public cloud services like online file sharing, we can have a greater number of people with access to files. Perform a regular audit of your security permissions and make sure you provide extra scrutiny for those with higher access levels. It’s better to give people too little access and increase it as needed than to give them too much in the beginning.
Identify which systems contain your most sensitive data. These will require higher levels of protection, monitoring, and possibly encryption.
2. Limit access by device or location
With some cloud-based systems, you have the ability to limit access based on the location of the user and the device they are currently using. A good example might be allowing an employee to access certain sensitive data during business hours, but only from a desktop machine in your building.
3. Use device-level security
If a compromised device connects to your data, it may not matter whether the data exists on your network or in the cloud. By extending security to the device level and running antivirus, spyware, and patch management on every device, you can minimize your risk.
4. Use data encryption
Data encryption has been around for a long time, but has gained more attention since the Snowden leaks. Several companies like Google, Microsoft, and Yahoo have added encryption to the services they host for customers.
Google has already started using encryption for Google Cloud Storage. Microsoft will also be including encryption for services like Office 365, Windows Azure, and Outlook.com. Other companies like Dropbox and Sonic.net are planning to include encryption in the future as well.
5. Take advantage of physical security
One good aspect of moving data to the cloud is that the cloud service provider and data center must take care of physical security. The data center will provide extra physical security, in terms of not only staff and location, but also implementing policies to safeguard your data.
For most professionals who are responsible for data both on-site and in the cloud, it is best to base your cloud security approach on risk. For high-risk, sensitive data, it is important to use these practices to help ensure your cloud services are secure enough for your business.
About Ernest Sampera
Ernie Sampera is the Chief Marketing Officer at vXchnge. Ernie is responsible for product marketing, communications, corporate communications and business development. Ernie brings over 26 years of marketing, sales, distribution channels, program management, strategic alliances/business development, and financial management experience to the company. Prior to joining vXchnge, Ernie was Senior Vice President & Chief Marketing Officer at Switch & Data where he was responsible for product management, marketing communications, corporate communications and business development. Prior to joining Switch & Data, Ernie served as Vice President of Channel Marketing for AT&T Business Services, where he focused on centralizing and transforming all facets of AT&T’s Sales Channel Marketing business unit. Prior to AT&T, Ernie held executive marketing and development positions with IBM, UNISYS, and the American Medical Association, where he designed, developed and deployed an open network infrastructure that positioned the AMA as a key participant in the on-line information industry.