The cloud is a beautiful thing – it can improve productivity, decrease business expenses, and enhance collaboration among team members. However, it’s not without risk.
While you can be fairly confident that the data you create and store on remote servers is secure, there are a few concerns you should be aware of before switching your company to the cloud.
Secure Data Transfer and Storage
When using the cloud, you’re choosing to transfer, create, and store data on the Internet. This means that it could potentially be accessed and stolen by hackers. And while the risk is real – it’s the most frequently cited consumer concern – it’s also a risk you can manage.
Choose cloud providers that you trust and that have high security ratings. Then, if you’re handling sensitive data, make sure you encrypt it before transferring it over a secure connection to your cloud service provider. When in doubt, ask lots of questions before making the leap.
You may decide that some of your data, such as health records or customer credit card information, is simply too sensitive to store on the cloud, while other data, such as operating procedures, calendars, and basic customer information, is worth the risk.
While it’s probably just as likely for you to lose data on your own servers as it is on remote servers, the lack of control when it comes to the cloud can be unnerving. You can manage the risk by scheduling frequent backups and having them sent to a secondary cloud service.
For instance, I have a WordPress website that’s stored on Amazon Web Services’ cloud servers. To protect myself against the possibility of a server outage that could take down my site or damage my content, I’ve scheduled a daily site backup to be sent to DropBox, another cloud service.
When you enlist a cloud service provider to manage your data storage, you’re essentially entrusting it to another company. As long as you do your research and make sure you’re choosing well-respected providers, you can feel fairly confident that your data is in good hands – after all, the company you choose would go out of business if its customers stopped trusting its ethics.
That said, breaches are always a possibility, and an unethical employee of a cloud provider could access and use your files – much like one of your own employees could do the same in-house. If you want to use the cloud for highly sensitive data, talk to the provider about its employee hiring practices and encryption standards, and how it prevents internal security breaches.
When comparing the risks of internal data storage and cloud data storage, I like to use the analogy of driving a car and flying in an airplane. Many people are more fearful of flying in an airplane than of driving a car, even though statistics show it’s much more dangerous to drive. The fear comes from the loss of control – when you’re in a plane, if something goes wrong there’s not much you can do to solve the problem.
Switching to the cloud is similar. There’s a loss of control when you put your data in someone else’s hands, but when done wisely and with care, using cloud service providers can be every bit as secure, if not more secure, than storing your data in-house.
Personally, I couldn’t manage my business without the cloud. It’s an incredible tool that’s enabled me to do more in less time and for less money. Think carefully before switching your business to the cloud, but do it honestly – acknowledge that there’s also risk when you store data in-house, so really it’s just a question of which risk is greater.
Do you use the cloud for your business?
About the Author: George Stern is a business owner who writes about technology, cloud computing, and tools to improve productivity.
Editor’s Note: The opinions expressed in this and other guest author articles are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
- To Pen Test or Not to Pen Test: That is the Question…
- Unified Security Configuration and Vulnerability Management
- How to Detect the Heartbleed OpenSSL Vulnerability in Your Environment
- NETGEAR Wireless Router Configuration Guide
Check out Tripwire SecureScan™, a free, cloud-based vulnerability management service for up to 100 Internet Protocol (IP) addresses on internal networks. This new tool makes vulnerability management easily accessible to small and medium-sized businesses that may not have the resources for enterprise-grade security technology – and it detects the Heartbleed vulnerability.
The Executive’s Guide to the Top 20 Critical Security Controls
Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].
Title image courtesy of ShutterStock