Ensuring Data Security in Cloud Computing: Four Safeguards
A few numbers to consider if you’re a small business concerned about cyberattacks and protecting valuable company and customer data:
- 43% of cyberattacks are now aimed at small businesses, yet only 14% of such businesses are prepared to defend themselves ‒ Accenture
- More than half of all small businesses have suffered a breach within the last year, 4 in 10 have experienced multiple incidents, and 6 in 10 have had to close their doors within 6 months of being attacked ‒ Hiscox Ltd., a small business insurer
- 62% of companies lack the skills in-house to deal with security issues ‒ Underserved and Unprepared: The State of SMB Cyber Security in 2019, VansonBourne for Continuum
- Cyberattacks now cost businesses of all sizes $200,000 on average ‒ Hiscox Ltd.
That last statistic is arguably generous. If information is truly valuable, hackers can hold it for ransom and name their price. They know the going rates for data like credit card accounts and the personal information of customers. Want it back? Some ransom payouts to date have been in the millions.
So yes, data security in cloud computing environments matters more than it ever has.
Here’s another statistic. As surprising as it seems, more than 40% of data security breaches result from employee error, not poor data protection in the cloud.
Ends up, the worst data security in cloud computing is often an employee’s password not being strong enough to deter hackers. (We discussed this in a recent blog on preventing data theft.) Especially for data goldmines like CRM and accounting systems, if a user’s password is weak and unauthenticated, a hacker will plow right through it.
This aspect of cloud security and protecting data therefore puts the burden on the organization. Businesses must constantly train employees and review security policies. They must provide continuous phishing protection and conduct breach drills among their workforce. And they must routinely assess the outcomes of employee-based security practices and adjust them as needed.
Unfortunately, businesses are still coming up short in this area. Anti-virus provider McAfee reports that businesses in general train only 3 in 10 employees in security policies, namely passwords. In relation, according the US Small Business Administration, this currently puts more than 30.2 million small businesses at risk of digital threat.
Security is likewise a consideration when choosing a cloud service provider (another recent blog). At this level, businesses can share the burden of data security in cloud computing with the cloud provider. For the provider’s part, protecting data comes down to their own cloud security policies — and philosophies — and how strongly they enforce them.
Four further measures for data security in cloud computing
Passwords, organizational practices, and inherent security aspects of the cloud itself all lend to a higher degree of data protection for any business. But businesses still need to know the whereabouts of their data at all times, even if they turn to security professionals to help.
Here are four additional safeguards for data security in cloud computing.
Apply encryption effectively
Because local encryption provides an additional layer of security, your business should encrypt data before it’s ever uploaded to the cloud. In cryptography circles, this zero-knowledge proof method can protect your data against service providers and administrators as well as hackers. Even if your business is using an encrypted cloud service, this preliminary round of data protection never hurts.
Perform local backup on a regular basis
Backing up data in your own environment is an essential precaution toward data protection and cloud security overall. To a business, information is everything. It must be backed up regularly, even daily. Because when data can’t be replaced, it can lead both to financial loss and potential legal action by the parties whose data was lost. Worse, your business’s hard-earned reputation can take a severe hit.
Take additional security precautions when you can
While encryption can prevent the unauthorized access of data, it doesn’t secure its existence. Data can easily get corrupted over time when many users have uncontrolled access to it. For the utmost data security in cloud computing, the cloud your business uses should have safeguards such as antivirus programs, administrator controls, and user privilege controls to move and maintain data.
Continually test your security practices
Routinely testing your business’s cloud security practices can make a big difference. A few testing methods: Assess your cloud’s performance relative to its security setup. Hire ethical hackers to test your system’s security level. Schedule regular password updates among employees. Checks like these can help you gauge security “decay” and expose possible loopholes.
Visual Edge IT can help your business assess and strengthen its data security in cloud computing. Contact us to take the first assessment step.