Ad Blocker Detected
Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by disabling your ad blocker.
Cloud computing can cut business costs and speed up IT systems – data and applications are stored on dedicated, third-party servers, saving you the time and expense of setting up your own server network, and then accessed remotely via VPN from your office, or anywhere you can get a secure connection.
Not only is this remote access convenient, it can also cut costs and increase productivity – a 2015 YouGov Omnibus study found that over half (54%) of all office workers are able to work remotely, and that almost a third of these (30%) felt their productivity increased when working away from the office.
All of which would suggest the cloud offers the ideal solution for small businesses looking for secure, convenient, and cost effective data storage, yet still the migration to the cloud is relatively slow – in fact, just 10% of all the world’s data stored there?
So why are businesses still hesitant to commit to the cloud? It appears to be a question of security.
Is your data secure in the cloud?
If you use any type of streaming service, you’re using cloud-based software – whereas we used to buy and store films and music locally on the hard drives of our devices, we now save valuable storage space by streaming them from a centrally-located server via apps like Spotify and Netflix.
It seems we’re still not completely sold on the idea of storing business data in the cloud, and the idea of essentially handing over sensitive information to a third-party is still a cause for concern for business owners.
Gavan Egan, managing director of cloud and IT solutions for global telecoms giant, Verizon, said: “The biggest risk is giving up control of your data to someone else using different data centres in remote places.What happens in the event of a disaster? You’re also putting your data next to someone else’s.”
This suggests disaster recovery is a concern, as is having your data stored next to someone else’s – if hackers find a way to get at the data of someone you share a server with, they could have a foot in the door to your data.
Phil Smears, MD of EdgeThreeSixty web design Liverpool, a digital agency that also provides hosting services, said: “It’s vital to check the maintenance schedule, if the hosting company is lax when it comes to maintenance then unused files, data and websites can pile up and become a security threat to any other sites sharing that server.”
So regular maintenance schedules and security updates should always be a key consideration when signing up to any cloud or other hosting package.
Although you are still ultimately responsible for your data when it is stored in the cloud – providers are by no means custodians, they just supply the resources – you should still expect a high level of security to be in place.
Mark Crosbie, international head of trust and security for Dropbox, the cloud file storage, explains how his company encrypts data: “We split each data file into chunks – a process called sharding, and these chunks are then separately encrypted and stored in different places, so if someone did manage to break in and decrypt the data they’d only get access to random blocks.”
And the major cloud providers will offer a ‘hybrid’ system, which offers another layer of security by giving you the option to handle your own encryption keys, meaning no one at the provider end is able to gain access to your data, no matter how hard they try.
How to stay safe in the cloud
It’s safe to say there’s still a certain amount of suspicion around the cloud, and high profile hacks like 2014’s Apple iCloud breach don’t help matters, but the majority of major data breaches over the last five years, including theAshley Madison and TalkTalk hacks, have all been from internal databases – having your own servers doesn’t necessarily mean your data is more secure.
According to Sage, the business software specialists, the biggest threats to cloud security are:
- Accidental data loss–Deletion and permanent loss of data due to human or system error, or physical catastrophe
- Account hijacking – Phishing, fraud and activity eavesdropping result in hackers gaining access/control of an account
- Data breaches – When sensitive, confidential information is stolen or released or accessed by a person not authorised to use or view
- Cyberattack – A DoS brute force attack to a system or a parasite that infiltrates the network and system
- Insecure interfaces – API and UI are the most exposed parts of a system and will be primes targets for an attack
- Malicious insider – An employee, former or current, with access to a system or network with intent to compromise or misuse data
- System vulnerabilities – Inherent weaknesses and bugs within systems are exposed and exploitable over a network
- Weak access – Failure to use multi-step authentication, weak password use, and poor rotation of cryptographic keys.
And in order to ensure your business data is safe in the cloud, Sage suggests the following dos and do nots:
- Do check with your cloud service provider for encryption while in ‘transit’ and at ‘rest’
- Do not access the cloud over an unsecured or public network
- Do implement a cloud computing policy to specify how users are managed and how employees are allowed to use software and hardware.
- Do not allow the use of personal devices by employees for connecting to company cloud services and networks
- Do consider data encryption, password protection, user controls, backup process and reputation
- Do not allow access to employee’s personal cloud storage services from the company’s network.
The main thing to bear in mind when moving over to the cloud is that you are still ultimately responsible for the security of your data. So do your homework before choosing a cloud storage provider, then always be vigilant and make sure you’ve sufficient security measures in place to keep your data secure.