So, you are thinking of moving your data to the cloud. But how secure will it be?
There are many myths circulating that the cloud is much less secure than traditional methods of storing data. Would you feel more confident about storing your data on servers and systems that you own and most probably keep in your office, or storing your data on servers or systems that you don’t own or have any control over?
It’s this question that has concerned many business owners, but the important point to keep in mind is that any data storage must rely on a clear, well-planned and delivered security strategy coupled with the latest technology, whether it’s cloud based or not.
How do cloud providers keep your data safe?
Cloud providers invest a lot of time and money in their technology and operational processes, to keep their data centres and servers safe and secure. When you store your data in the cloud, you can take advantage of this enhanced security. As Microsoft states, “Protection from known and emerging threats requires constant vigilance, and an array of defences is in place.” – something that most SMEs would struggle to achieve with limited budgets and resources.
The chances are, your on-site systems are a combination of different technologies from different times, running on different operating systems.Older technologies are typically less secure because they weren’t designed to handle modern, highly sophisticated security threats.The more areas of your IT infrastructure that can’t be secured and protected with the latest software and solutions,the more vulnerable you become to hackers.
When you work with a cloud provider, you have control over where your data resides and who can access it. You can even specify the geographic areas where your data is stored, and data can be replicated within a geographic area.Many cloud providers will also offer additional contractual commitments about the transfer ofpersonal data to ensure that you are in compliance with the E.U. Data Protection Directive, or the Data Protection directive that applies to your region of business.
Data stored on servers in cloud data centres is encrypted, adding another layer of protection. This is important because it is a legal requirement in many industries to encrypt data where it is physically stored (e.g. on a server) and while it is in transit (e.g. moving through a network). More details on encryption can be found here.
Cloud providers can also utilise Virtual Networks and VPN Gateways to ensure that applications and data benefit from the same level of security in the cloud, as they would if they were stored/run on an internal network.
Another way that cloud providers can protect your data is through Replication. Replicating your data ensures durability and high availability. Replication copies your data, either within the same data centre, or to a second data centre, preserving your application up-time in the event of short-term hardware failures. This can also help to ensure that your cloud storage account meets the ‘Service-Level Agreement (SLA) for Storage’, even in the event of a failure.
Some high profile security breaches have occurred when laptops containing sensitive information have been lost or misplaced. In addition to the cost and time taken to replace your laptop, you also have to deal with the potential damage to your company reputation, loss of trust, fines and risk of legal action. By storing your data in the cloud, in the event of a loss of a device, your data remains safe and secure. Whoever comes into contact with your laptop doesn’t have access to your data, while you can continue to access it by logging into your cloud account from any other web enabled device.
What can you do to keep your data safe?
Other recent high profile security breaches, have been due to the fact that people haven’t been very clever with their use of passwords. For example, using the same password for multiple accounts, or using easy to guess passwords such as ‘p@ssw0rd’ or ‘123456’
The good news is, there are lots of simple things you can do to create longer, complex passwords and keep your data safe:
- Try using easy to remember phrases shortened to long string of letters, numbers and special characters
- Insert numbers or special characters such as &@%>]
- Insert random uppercase letters
- Use password manager software to create, store, organise, and fill in complex passwords without having to remember them (you can find a review of the best ones of 2017 here)
- Use words
- Use personal information such as names, birthdays, schools etc
- Use characters that follow patterns on your keyboard or numeric pad
- Reset your password using a link in an email – make sure you go to an official site
- Share your password with family, friends or colleagues