Even with the cloud, data protection is your responsibility
In recent years, the cloud has become a major part of the IT landscape, bringing many benefits and a wide variety of options. In addition to virtually unlimited data storage, the cloud imparts improvements in speed, availability and user mobility. It carries significant financial savings as well, including cost cuts, on-demand capacity, and reduction of resources previously allocated to infrastructure and operations.
But for all its advantages, the cloud is not without potential challenges, and the picture is further clouded by a number of widespread misconceptions. No surprise, since every major breakthrough comes with new and unexpected obstacles as well as gaps in public understanding.
Users often assume that the protections the cloud provides give license to relax established safety practices, but cyber threats are still on the prowl. A main reason for this false sense of security is that in the past, companies’ critical data and services were more or less safely contained in their own servers. Now, with cloud storage and ever-greater reliance on Internet services, organizations present more-inviting targets and more opportunities for single points of failure.
There is a tendency on the part of some users to blame the technology itself for difficulties that arise from use of the cloud. More commonly, however, problems are the result of avoidable human error – failure to implement basic security procedures. So even with solid cloud implementation, protective measures are as essential as ever. While effective data protection is highly complex, careful attention to the possibility of simple mistakes is as important as understanding the technicalities.
Here is a typical example. Masses of private and commercial data can be made vulnerable simply because systems’ web addresses have been left unguarded and thus easy for hackers to obtain. This enables invaders to capture encryption keys, which is all they need to be able to pillage an organization’s data. Attacks of this kind can severely cripple companies, all because an elementary safeguard was ignored.
The solution is simple enough: every aspect of credential protection, every user ID and password, must be made secure, with emphasis on every. It is estimated that more than half of the companies that use cloud systems have allowed potentially lethal exposure of their cloud-stored data as the result of this kind of easily avoidable mistake. And any time a system is open to attack, the company’s customers and vendors are at risk as well.
Another frequent error is failure to encrypt sensitive data. It is estimated that well over half of companies fall into this category, despite the fact that implementing encryption software and infrastructure is universally understood to be a key element in an organization’s data security.
There are other types of vulnerabilities that, while basic, can be hard to detect. It only takes one crack in your defenses to open your system to attack. If you have any doubt in your procedures, take the time to have your defenses thoroughly audited.
We have the expertise and experience to help you identify security vulnerabilities such as have been described, and are always available for advice and guidance. Feel free to call us at 1.877.834.3684 or email us at firstname.lastname@example.org.
Please follow our company page on LinkedIn to get the latest information and news on Data Protection and Disaster Recovery.