A couple of weeks ago we covered cloud computing myths with an overview of some of the more important points to consider if you are thinking of moving your business data. Over the next few weeks we’ll tackle those points individually and give them the explanation they deserve.
We are starting with cloud security.
The question of security comes up all the time. It’s a word that has taken on even more power post-Snowden. From government surveillance to hacking and industrial espionage, the threats to company data are as numerous as they are serious.
The one main issue that many IT managers and cloud sceptics seem to miss is that on-premise solutions are just as exposed. In fact, the numerous studies that have been carried out since cloud computing first gained prominence have all found that the majority of data loss incidents are still from on-premise solutions.
Unless your company has the resources to build multi-layered secure networks and monitor them 24/7, your data won’t be as secure as it would be with the newer cloud vendors.
Keeping hackers and emotion out of the equation
The main barrier for many SMBs moving to the cloud is actually an emotional one. Putting your data into the hands of someone else can “feel” wrong. It feels as though it must be insecure, that having your company data on a server connected to the internet would be more risky than having it within your own four walls.
That response is a common one, but is more about control than security. By using the cloud, you lose an element of control over your data. That does not mean it is less secure, just that you cannot control how and how well it is protected. It’s an important distinction to consider.
Access over location
Another concern with cloud computing is where it is based. After Snowden, many companies won’t use American cloud vendors. Germany has banned the use of cloud computing where servers are based in the U.S. Yet it isn’t where the server is based that is the problem, it’s how easy it is to access that server.
The NSA, GCHQ or any of the many private or state-funded hacking groups don’t care where the servers are based, only how easy they are to break into. The very nature of the internet negates the location consideration. Working with a vendor that understands this distinction will go a long way to securing your data.
So how is cloud computing more secure?
Broadly speaking, the average SMB simply doesn’t have the resources dedicated to data security that it requires. Competition for resources in businesses of any size is fierce and none more so than IT. So unless there is an unlimited pot of those resources, compromises have to be made. Not so with a quality cloud vendor.
Quality vendors – Many cloud vendors are addressing our concerns over security. Many offer fully compliant storage and some offer the ability for you to add your own layer of encryption to your data. Choosing your vendor carefully is key to making your foray into cloud computing a success.
Security – Perimeter security will be the same for a cloud vendor as it would be for your business. A layered hardware and software barrier to keep unauthorised access to a minimum. The latest security protocols, firewalls, DMZ and standards come into play here too, adding to the ability for a vendor to protect what’s yours.
Quality cloud vendors prioritise security over everything else.
Physical security – One significant but often overlooked advantage of storing your data in the cloud is that it removes the insider from the equation. Many cases of data loss come from a disgruntled employee or contractor working from the inside. If all your data is stored in the cloud, access to that data is severely limited.
Testing – The final major difference between a good cloud vendor and an on premise solution is the ability to perform constant penetration testing. While your business could do this if it had the expertise, chances are that it doesn’t. A quality vendor will run penetration tests regularly to ensure it is delivering the kind of security you’re looking for.
As always, please get in touch and we’ll be happy to chat you through our recommendations for your business.