Business owners are making a move to cloud services in pursuit of more scalability, better team collaboration and easy instant access to data. However, the convenience of the cloud comes with some serious security risks.
Even though reputable cloud providers do have protections in place, there is no absolute guarantee that data is completely safe. Here's what all business leaders should consider before making the switch to cloud data storage:
You may need to backup the cloud
Recently a cloud provider in Europe suffered a devastating fire and a complete loss of one data center, and the temporary shutdown of several other data centers. This event forces us to scrutinize cloud providers and isolate those that operate out of only one data center! There are more of them out there than you may realize. Even cloud providers that boast multiple data centers may only store your data in one of them unless you pay additional for redundancy of data.
Before selecting your cloud vendor be aware of the number of data centers they have and exactly where your data will be stored. Be sure to consider your cost models and the additional expense of that data redundancy in your decision making process.
Another strategy worth considering may be to use a second cloud provider as the backup destination for the primary provider. This provides additional layers of redundancy and security. However, the management for you and your company will be more complicated.
You lose control over your data
With a cloud service, your data is no longer on your company's IT environment; it is now with a third party. You cannot dictate the data privacy settings, so how secure your files really are, you never really know.
All cloud providers include an agreement which states the security features they offer. However, there is really no telling what they are actually doing to protect your data; you are basically forced to take them at their word.
Highly regulated industries that have to meet compliance requirements should never completely rely on a cloud service to protect data. You must have your own security precautions in place and layers of encryption. Ask us how you can do this.
Not All Cloud Solutions Are a Good Fit
Businesses in heavily regulated fields must have a multi-layered security approach to avoid the costly consequences of a data breach. Before choosing a cloud provider you will want to:
- Evaluate exactly what security measures are being utilized, if it includes support, and if the storage offered will keep your business compliant. Some cloud solutions are good for storing data only and do not provide sufficient security.
- You should consider not only the encryption of the data itself but also who has access to the encryption keys. In the case of a data center co-location facility, who has access to the physical equipment where the system is operating, and what physical barrier prevents access or damage from another tenant in the facility?
Cyber Attacks are on the Rise
While we are constantly improving how to secure our data, cyber criminals are keeping up with these changes and their methods are getting more sophisticated. The cloud provider of your choice must be committed to regularly staying on top of the latest hacks and security holes.
In some cases a vendor’s cloud may offer the advantage of having software and security updates applied before they are generally available to those with on premise solutions - which would be an advantage. These large public clouds are typically very well designed to be secure and have isolation of tenant instances. However cloud environments from smaller organizations may not have the same level of infrastructure. It is these smaller organizations that are especially attractive to bad actors.
The cloud does make it easy to collaborate with your team, but it also comes along with a major risk. Once an employee has access to your cloud they have access to your sensitive files and can even share access outside of your organization. In the wrong hands, there is even the potential for your entire cloud environment to be destroyed within just a few short minutes.
Robust cloud solutions should provide a level of protection and monitoring against intentional or unintentional data loss. (Called Data Loss Prevention or DLP). It may also be necessary to couple your cloud with SIEM solution that absorbs and monitors all activity looking for suspicious activity and is backed by a Security Operations Center. Modern solutions can integrate the log data from your cloud together with that of your end-user equipment to provide a single environment-wide view of activity.
When your internet is down, so is your cloud. Considerations for redundant Internet access are critical. Certain applications may offer the ability to work locally on your machine temporarily until the Internet comes back up. This is especially critical for businesses that do on-site operations and are located in area where there is a connectivity dead spot - such as basement.
Bandwidth and VDI
When moving from an on-site server environment to a cloud environment careful consideration and planning must be done in regards to the bandwidth needed to have an acceptable user experience. In some cases it may be necessary to move to a Virtual Desktop environment (VDI) which places the end-user computer in the same place as the server to accelerate performance. This one issue is often overlooked and can cause significant additional investment if not anticipated.
Cloud data storage may very well be a good solution for your business and improving your operations. However, it is important that all business leaders understand the complexities and potential risks that come along with cloud services. This understanding goes a long way to developing a cloud strategy and budget that minimizes any surprises down the road.