The advent of cloud computing, more than any time since the inventing of the telephone, made it possible for businesses and work teams to collaborate and work together regardless of where they physically sit. On the other hand, it’s ushered in all kinds of novel security risks and ways in which productivity can take nasty hits.
This overview will telegraph the five first considerations for playing safely in the cloud – especially when it comes to using SaaS software and other solutions. YellowFiber is the best and most reliable provider of business internet in Washington, DC — but we are also leaders in colocation, voice, data and network security consulting.
The importance of security in the cloud
It is fair to say that the explosive growth seen in the adoption (and costs) of cloud computing were totally unanticipated, even by the sharpest tech and market analysts, even just five years ago. Annual growth is predicted to continue at between15% and 20% — reaching one quarter TRILLION dollars in 2017, according to Gartner.
The crazy thing is — despite the highly publicized and very numerous cloud security data breaches seen in the last five years, global spending on cloud security as a subset of the market is still hovering at around $10 billion US dollars— a tiny fraction of the market. And that’s not due just an immature third party market for security consulting and solutions, industry surveys and individual audits have repeatedly shown that IT teams fail to implement and execute basic cloud security best practices.
That said, this list should be considered a great place to launch or evaluate your team’s cloud security and data protection footing.
Five steps to keep your business data safe on the cloud:
1 — Vet all of your cloud software providers. Even if every other element of their solution is elegant and perfectly scratches an itch; a lot of the onus for protecting your data is going to fall on their efforts and competence. Ask questions. Talk to their other customers. Are they providing adequate encryption, multi-factor authentication and backing everything up? If they drop the ball, it will still be you letting your company’s leadership know what happened, so make sure you are comfortable.
2 — Get your head out of the sand. Just because you don’t have a lot of insight or control over the security of the cloud infrastructure that you will be using. Complacency gets data compromised and IT pros fired. Your infrastructure providers have to be up to snuff. We always recommend network services, hosting and cloud providers that hit the sweet spot in size and resources the way that we do: large enough to have the acumen and people to provide excellent service, and not so big that you as a customer are an anonymous number. Ask how their communicate security information, updates and alerts. You need a solid partner here.
You have to get your head out of the sand and vet everyone. Even if you are under contract, call and find out how they do things. Talk to the engineers directly.
3 — Develop smart cloud commuting policies, and do what you need to to ensure compliance. This will not stop bad guys from trying to ruin your day, but you would be amazed by the number of companies that have not done their homework here.
You want to ensure two things. One — you want to spell out how employees use devices and hardware safely; Two — you want to author a plan for responding to threats. Figuring this out ahead of time is much easier than when the ship is on fire, obviously.
4 — Don’t forget about internal threats and employee error. When you make your plans, don’t assume that your own users are competent or trustworthy. As you may expect, fully 60% of all data breach incidents are caused by the company’s own employees.
5 — Encrypt everything. When all of your external defenses are breached and your data records are accessed by dirty pirates, make sure that they are not going to get their hands on anything useful to them — or anything that you will give you sleepless nights about having had breached. Encrypting your data gives you one more layer of defense.
Take cloud security seriously
Really plan how you are going to keep your data safe, and do not assume that software or infrastructure/network providers know what they are doing or are on top of things. Trust, but verify. There is a lot of complacency out there, and you do not deserve to take the fall on someone else’s error.
YellowFiber Networks is a different kind of network services provider. We put engineering first in everything we do. We get it. Call 1-855-GO FIBER and talk to one of our Top Gun sales engineers about how we can help you. Go ahead —we love talking shop.