Keeping your data safe when moving to the cloud
Continuing from our poll results, Kevin Cummins from our Engineering department, shares more helpful tips on security.
As new technologies continue to improve at an incredible rate and prices for high-speed internet connections continue to decrease, many companies are looking at ways to remove IT overhead by moving parts of their infrastructure into the cloud.
But can you be sure that your sensitive data is safe and secure?
There are 6 areas of Cloud Security, in which if properly managed and mitigated, can keep your data safe.
Passwords are arguably the most important aspect of securing data.
Efficient methods of securing passwords include:
- Randomizing/Generating Passwords
Refrain from using passwords which may contain words or number patterns that are easily guessed, used on any other system, or are related to any readily identifiable data that relates to you.
- Password Complexity
Include non-alphanumeric characters in your password (characters such as: !^%$#, etc.) This makes it more difficult for someone to break your password by brute force or dictionary attack.
- Password Validity Periods
Having a regular schedule to change passwords also helps to keep someone from guessing your login.
- Two-factor Authentication
If your password is ever compromised, having a second level of authentication can help to reduce the possibility of a breach (Read about our article on Two-factor Authentication here).
Knowing where your data is being stored is critical to data security, for both technical and logistical reasons. Often with Cloud Service providers, your data is being stored on a shared physical infrastructure. Make sure to check with your provider on how they are ensuring your data is segregated and secured from leaks.
In addition, providers may be storing your data on infrastructure at various locations around the world. Your company (or country) may have certain regulations about storing data at overseas locations. So ask your provider for information on where your data is being stored and whether or not they can accommodate your storage location requirements.
Having your data encrypted prevents leak of sensitive information if ever files should fall into the wrong hands (either intentionally or accidentally). Some cloud providers provide server-side encryption, while others do not.
For the ones that don’t, there are user-side encryption solutions, such as Boxcryptor, which are available.
Some cloud storage providers store files on their servers in encrypted form, however, since they are not using an “end-to-end encryption” solution (where data is only decrypted at the endpoints), they have the capability of decrypting your data.
For more information on end-to-end encryption, see here: Techopedia
It may be contrary to the idea of cloud storage, however, you should have another copy of your data (in another cloud storage location or stored locally).
Cloud storage providers offer data backups and redundancy in their offerings, but we have experience in the following scenarios where data stored in the cloud was unreachable:
- Downed Local Internet Connection
- Cloud Storage Provider Datacenter Issue
- ISP or government blocking access to Cloud Storage Provider
Having easy access to your data is great, but losing access to your data can be a nightmare. Make sure you always have a way of recovering your data.
Having proper standards can have a great impact on security for your data while in the cloud. The thought process for implement these standards should be two-fold:
- Client-side processes
Make sure that users are aware of proper etiquette when handling data (accessing and sharing) and that personal passwords are secured not shared.
- Cloud Storage Provider processes
Your storage provider should be following the latest security guidelines for securing data and access to physical storage locations. (Suggestion: Look for HIPAA, ISO, IEC and JIS certifications).
Talk with your users on a regular basis to gauge how they feel about the current system you have in place. A frustrated user may look for ways to circumvent the system if it is too complicated or inefficient. You want your data to be secure, but it is also important to keep users satisfied.
Read security updates from providers. Stay engaged with their support team to make sure that your security is always up to date and that you are notified of any potential risks or breaches.
Remember, if your data is secure, everyone will be PLEASED.