more-arw search

Five Ways to Protect Company Data on the Cloud

Five Ways to Protect Company Data on the Cloud

Many administrators with executive jobs are considering transferring data over to the cloud for a number of reasons, including the fact that it is becoming increasingly frequent for competitors to invest in cloud data storage.

Many administrators with executive jobs are considering transferring data over to the cloud for a number of reasons, including the fact that it is becoming increasingly frequent for competitors to invest in cloud data storage. A number of experts, however, have noted that because it is still a relatively new technology, there are many risks that come with adoption, and mistakes or oversights made by business leaders could result in disaster.

Using the cloud to store business data can be a smart decision for a company of any size. PCWorld explained cloud computing can often quell backup worries should a computer disaster occur - if a business is physically destroyed by unpredictable environmental factors but the company data is stored on the cloud, as opposed to on-site servers, information would not be lost. The source also cited ease of communication, ability to remotely access information and cost-effectiveness as benefits of the cloud.

Still, some industry veterans are weary of the technology and worry that company data may not be as safe in the cloud as it is on in-house servers. Most dangers involved in cloud transfer can be remedied, however, in a few easy steps.

1.) Password protect

While password protection is probably the most common way internet users secure their data, there are certain rules that have to be followed. Many business leaders use personally relevant phrases like a dog's name, birthday or spouse's name as code words when attempting to access important company data, but these are typically things that hackers can overcome.

The Trustwave 2012 Global Security Report cited weak passwords as the largest network vulnerability a business has. Passwords are particularly important in the cloud because there is often just one entry point for access to the data, and, if breached, an entire firm could be compromised.

2.) Monitor data access

EWeek explained that though companies often have stringent policies on hiring and background checks, not all cloud providers may do the same, and some of these staff members could access business data. The source suggests that this could easily be remedied by monitoring activities of third parties by in-house employees. A way to do this is by creating alerts when a document is accessed by an unauthorized user.

Or, as Bruce Freeman of Scripps Howard News Service suggested to The Republic, a company could choose to set up a private VLAN, or virtual local area network which restricts unapproved users altogether.

3.) Choose the right provider

When moving information to the cloud, firms should be picky with their provider requirements. According to Freeman, a business should investigate a provider's security measurements, ensuring they have a strong intrusion detection and prevention system to thwart would-be hackers that can overcome a firewall. The source also noted that a provider should provide knowledgeable technical support 24 hours a day, 7 days a week in the case of a breach or basic difficulty.

4.) Protect during data transfers

Due to provider security measures and internal procedures, when information is stored in the cloud, it is generally safe. However, that is not always the case when information is being moved between servers and between organizations. Processor.com. Industry veteran Eugene Steinberg told the news source encryption during the data transit process is as important as it is when in storage.

5.) Security maintenance

Businesses should continue to monitor security measures and regulations throughout the time information is in a cloud, rather than depend blindly on a provider. Regular contact should be made with the cloud host to ensure that no security policies have changed and that high standards are constantly being followed. 

Comments

Don Hunter
Title: consultant
Company: Schupepetents
(consultant, Schupepetents) |

I think the best of both world is a good option where you have the data stored onsite and offsite in the cloud. For example your email on a hosted exchange but the emails are physically downloaded to the computer and servers onsite as well. marquee hire

Dan McCue
Title: SVP, Finance & Accounting Services
Company: Sutherland Global Services
(SVP, Finance & Accounting Services, Sutherland Global Services) |

There are also a number of common myths and misconceptions when it comes to cloud security. You might find this whitepaper helpful: https://www.proformative.com/whitepapers/sutherland-global-services-inc/cloud-security-bringing-clarity-common-myths

You can also find it under "whitepapters" on the Sutherland Global Services page in the Proformative Marketplace.

Topic Expert
Wayne Spivak
Title: President & CFO
Company: SBAConsulting.com
LinkedIn Profile
(President & CFO, SBAConsulting.com) |

I agree, good blog.

But I think the order of items presented is off kilter, and order, even in an un-ordered list still has import.

1. Choose the right provider
2. Security maintenance
3. Password Protect
4. Monitor data access
5. Protect during data transfers

Hall Mark
Title: Owner
Company: Small business
(Owner, Small business) |

Five ways to protect company data on the cloud are –
1. Before migrating to the cloud, a company should chart out vendor’s track record and judge the quality of its service. Company should get details of the security measures deployed by the cloud service provider. If they are up to the mark, only then data should be migrated.
2. The stronger the passwords to accounts are, the harder they are to crack. Keep in mind that without the right keys in hand, malicious insiders and outsiders alike will have a much harder time getting to your company’s data.
3. Data should be encrypted while in transfer. Technologies like SSL, FTPS, SCP, (and) HTTPS provide sufficient security for data transfers. Data must be secure when it travels between your site and the cloud and must be protected while in the cloud, but a third step in the process is making sure that the data is also protected during transactions, such as if an employee or customer is able to access data in an application.
4. Be cautious when working with cloud computing service providers. Monitor your cloud computing service provider’s employees’ activities, so that there is no unauthorized access to your data.
5. Always ensure that your cloud computing service provider is following the very latest in cloud hosting technology, regulations, and cloud security practices.

Products and Companies: