It's time to settle the top cloud computing security concerns, once and for all.
Welcome to our very first Agony Aunt blog feature.
Our resident agony aunt Cloudia is here to put an end to all those unnecessary sleepless nights you’ve spent worrying about the safety of your data. She’s a fiery redheaded cloud computing pro who’s here to answer the most common cloud computing security queries, questions and concerns so you can get on with enjoying the benefits.
Cloud Computing Security Concern #3: Data Ownership
‘I just can’t let go!’
Letting go of old fashioned on-premise backup solutions can a tricky one for some. There is an ongoing concern among IT professionals that data held offsite doesn’t belong to the organisation in the same way that data stored on-premises does.
Eradicating this fear is simply a case of selecting your providers wisely. Just as you would when you choose any other partner or contractor, ensure that your service agreement guarantees you full ownership of your data and allows you to easily access it when necessary.
Cloud Computing Security Concern #2: Data Confidentiality
‘I’m worried about regulatory compliance!’
Whether your enterprise works with customer payment data and order histories, personal health information, dental records, or trade secrets, your firm may be in the possession of precious data that cannot be leaked or shared with others. In particular, if you’re in a regulated industry, such as healthcare or finance, you’re faced with a long list of regulatory requirements you must also comply with when storing, sending or discarding data.
If your data is regulated or highly sensitive and contains personal information, you need to ensure your cloud provider imposes more stringent security and privacy measures. Our best advice is to select a cloud provider who; is ISO 27001 certified, complies with the guidelines and legislation outlined by the Data Protection Act, and the Information Commissioners Office. Find out, too, if the provider ensures that there are secure disposal practices in place when it comes to deleting previously stored data, by deleting an encryption key for example.
Cloud Computing Security Concern #1: Data Loss
‘My biggest fear is losing precious data’
Ironically, the fear of actually losing data through the use of the cloud is up there in the top five concerns about the security of using cloud computing. Those operating within the financial services sector for example operate in a highly regulated environment, where any loss of customer data could have reputational and detrimental implications on the business.
Whether it be through data transfer, by unauthorised access, accidental deletion or user error, Cloud providers have the responsibility to ensure steps are in place to prevent data loss from occurring. Many providers offer secure data transfer in and out of the cloud through HTTPs or other secure channels. A much smaller number provide data-at-rest protection (i.e encryption), providing a secure life-cycle management of data.
Cloud providers will go to extensive lengths to ensure you data is kept secure. Intelligent controls that are put in place to prevent data loss or leakage include;
- Monitoring and reporting for all data activity
- Application control
- Email control and encryption
- Device control and encryption
- Malware protection
- Trusted network awareness
- Privileged user control & monitoring capabilities
- Web application and cloud storage control
In addition to this, you as a business have the responsibility to ensure your data remains as secure as possible in the cloud through the use of strong passwords and careful usage of BYOD/mobile devices.
Think about it, are you more likely to lose corporate information or customer data by using USBs, hard drives and laptops – or by using a central repository with a reputable cloud provider? It’s your call.