We’re all being advised to head to the cloud for cost and time savings. But just how secure is your business and personal data in the cloud? And what differences are there - if any - between cloud providers?
Data security is increasingly becoming an issue of concern, particularly with more business activities being facilitated by the internet: for instance, transactions, data storage and business applications.
And with businesses utilising cloud computing in growing numbers, naturally security around how data is stored in the cloud is an issue.
Generally speaking, security measures offered by cloud providers are good and many have invested heavily in this area. As security measures for cloud computing have advanced, concerns around security have actually decreased over time.
In many instances, your data is safer in the cloud than stored in physical on-premise servers. Most on-premise servers have little-to-no security, so almost anybody coming into the office can access your critical business files.
Security measures do vary among cloud providers and when making a decision to invest in cloud options, it’s important to read the fine print to understand what you’re getting.
Here are some of the security aspects you need to keep in mind when comparing cloud providers:
What happens if your cloud provider goes down?
With more business operations being hosted in the cloud, an outage can be a huge disruption. As we recently saw with Amazon Web Services, even large cloud providers can have outages.
So it’s important to understand the provider’s track record with outages and what provisions they have in place for when outages do occur.
Understanding the physical location of data centres
Even though your data is in the cloud, it is still physically hosted somewhere. Most cloud providers will have their own data centres or agreements in place with data centres.
Questions you should be asking include: Are they climate controlled? How reliable are they? Is there firewall and intrusion protection, device monitoring and alarming?
The other important element to consider is data sovereignty. If you have data saved in public clouds, it means your data is stored on a server in a different country, which is governed by an entirely different set of security and/or privacy regulations.
How will your data be protected against unauthorised access?
Even with your data in the cloud, you want to make sure it is safe from unauthorised access, so you need to review what security measures are in place to minimise this risk.
Beyond passwords, what level of encryption is on offer? And who is responsible for encryption of files?
In addition to storage and backup, some cloud providers provide local encryption of your files, meaning the provider looks after encrypting both the files on your computer and the files in the cloud.
Will backups and virus protection be included?
Not all cloud providers will offer the same level of protection for your data.
Public cloud providers often don’t offer protection against viruses, ransomware and malware as part of the offering, but as an extra, if at all.
Plus, in some instances, your data may not be backed up and recoverable if things go wrong.
On the other hand, private cloud providers usually offer the latest protection against viruses, ransomware and malware, as well as data backup and recovery. Cloud computing offers many benefits from increasing efficiency to reducing running costs.
When deciding which cloud provider will suit your business, first do your due diligence, especially around security.
With businesses holding much more sensitive and critical data, it’s important to ensure your cloud provider can support the security of your data.
Andrew Tucker is the CEO of ITonCloud, which helps businesses simplify and automate their IT systems by leveraging the cloud.
- Reader question: Can someone block the sale of my business?
By Adam Zuchetti
- Slashing customer response times no pipe dream
By Adam Zuchetti
- Legal view on dealing with errant employees
By Geoff Baldwin