How to keep cloud computing secure
When you have all of your data on your own server in the office, it can be relatively straightforward with the help of firewalls and intrusion detection systems to protect your information. However, the Cloud does not have such a clearly defined boundary which makes it seemingly difficult to protect. In fact, security is cited in numerous studies as the number one inhibitor to cloud adoption.
It is important to consider all possible points of entry for an attacker in a cloud environment; here are some pointers to help you on your way.
How secure is your cloud?
Before you trust your business data with a cloud services company, you need to know a bit about the company and the service they offer. Find out what security measures they have in place. Read the user agreements, service level agreements and terms and conditions. Check what happens in worst case scenarios, find out vital information such as who is liable for damage or loss, exactly what’s included in your contract and that the prices will remain affordable. Services like managed firewalls, antivirus, and intrusion detection are offered by reputable data center or cloud providers, and allow for increased security measures for managed servers. In addition there is an international standard for cloud privacy known as ISO/IEC 27018 which you can look out for.
What back up andn restore services are being offered?
Find out if your data is backed up regularly and how easy you can access this data. Even though your data’s on the cloud and may be backed up in a variety of locations. It’s still necessary to back up your data somewhere else. It’s extremely rare you will lose your data, but, you can’t be totally sure the company is going to be around forever, or how easy it will be to access your data in the future.
How stringent are you with passwords?
Always use a different password for each cloud service. If a password is cracked, the hacker will try this password along with similar strings in every cloud account your business may be using. Using different passwords will ensure your eggs are in different baskets.
Is your data encrypted?
If your data is sensitive, it’s recommended that you encrypt your data. Encryption converts the data into unreadable code. This means that even if a hacker is able to reach your data, it is unlikely they will be read the data. Understanding where the data encryption takes place may be important to you depending on the data. So you are aware of any attempted breaches, monitoring of access should be enabled.
Who has access?
Cloud computing is great because multiple users can access the data with ease anytime, anywhere. This poses a potential security risk. Are you sure the devices they are using can be trusted to access all of your data. Do you want these people to be able to access this data at ten o’clock on their phone at the weekend? You might want to limit access based on device, user and location. So only sensitive information can be seen when the user logs in on an office computer.
Have you considered mobile & home device security
Bring Your Own Device (BYOD) is the term used when when staff use their own personal mobile devices to access business information. If you are letting staff access data from home PC’s and mobile devices you should consider the potential risks and ensure that corporate data is isolated from personal data on the mobile device. It is always best to make sure that these devices are always running the latest level of software and to check for vulnerabilities.
How are you protecting your data against viruses, malware and ransomware?
Ensure all your devices are free from Viruses, Malware and Ransomware. The cloud computing companies take great measures to ensure your data is secure in the cloud, but that doesn’t prevent a threat at device level. We recommend a combination of Fortinet firewalls and managed anti-virus as the front line against hackers.
Cloud computing is essential for modern businesses and providing cost-effective and efficient alternatives to traditional software packages. Contact us to find out more.