Stay Safe in the Cloud
By 2025, 85% of organizations will have a cloud-first principle, according to Gartner.
The cloud brings a whole lot of benefits to an organization, e.g. slashed IT cost, more flexibility, and increased efficiency.
However, using cloud-based programs and storing data offsite can bring up a range of potential security threats. Therefore, it’s important to know how to protect your important data on the cloud.
The shift to cloud computing has been one of the most significant tech trends of the past few years. The COVID-19 pandemic has also increased cloud adoption.
Almost 70% of organizations using cloud services plan to increase their cloud spending in the wake of the pandemic as cloud services helped companies to keep their businesses viable, online, and connected to their customers and partners, according to a Gartner survey published in November. Moving to the cloud also creates a host of other benefits for companies, including lower IT cost, more flexibility, increased efficiency, improved security, boosted performance, and the potential for innovation and developing new capabilities.
Every organization that we know of has a ton of very sensitive data, and now that most of us have moved to a remote working model, there is more data than ever stored in cloud-based applications. Unfortunately, as we head into 2021, cyberattacks and breaches on cloud services are increasing.
What is cloud computing?
In layman's terms, cloud computing is a method of storing files and data in a centralized network that can be reached from anywhere and by any type of device, e.g.: cellphones, tablets, laptops, and desktops. The notion of the “cloud” is because this data is placed in a network where someone in Malaysia could access it as well as someone in the USA.
Many people use cloud-based computer services and are not aware of it. For instance, people access and share information using remote server networks whenever they log on to social networks, like LinkedIn or Facebook, edit photos on Instagram, write blogs and create websites with WordPress, store files on Dropbox, or create files using Google Docs. These are examples of cloud computing, which, simply defined, is how we store and share data, applications, and computing power on the Internet.
Is cloud computing safe?
We trust the cloud more and more nowadays. We rarely choose to send a bunch of photos by email, we no longer use USB thumb drives to carry docs. The cloud has become a place where everyone meets and exchanges information. Moreover, it has become a place where data is being kept permanently. Even our documents from the bank, copies of our IDs, and confidential business documents are finding their new home on the cloud. But can you be sure your information is safe and secure out there?
Below are common security concerns of cloud computing. A good cloud security provider will offer a scalable solution that detects threats before they reach the data center, helping to mitigate the following security concerns:
Loss of data
By its very nature, cloud computing involves some ceding of control from the customer to the service provider. There is always the risk that sensitive data is in somebody else’s hands. If the security of a cloud service is breached, hackers could potentially gain access to intellectual property or other personal files. E.g. Jennifer Lawrence and other celebrities had their private photos leaked online when Apple iCloud service had been compromised in 2014.
Malware infections
Due to the huge amount of data stored on the cloud and which requires an internet connection to perform its task, anybody using cloud services is potentially at risk of cyberattacks. A common threat is Distributed Denial of Service (DDoS) attacks, whereby hackers flood the servers of a web-based application with unprecedented volumes of traffic, thereby crashing the server.
Legal/compliance issues
With increasing legislation on data protection, staying compliant is becoming more difficult. Companies must have steadfast rules governing who can access what data and what they can do with it. With cloud computing’s easy access to data on a large scale, it is not easy to keep track of who can access this information.
Nevertheless, there's rarely a question that those well-known cloud service providers that you're familiar with, such as Amazon, Google, and Microsoft offer a more secure environment than you could ever hope for.
Yet, no matter how terrific these cloud service providers are when it comes to protecting your data while in the cloud, they cannot protect you from stolen credentials or when your company data leaves the cloud to interact with other systems. The latter happens in every organization every day as employees access, download, and transfer all that data from all sorts of devices in all sorts of places to all sorts of people.
Security breaches are rarely caused by poor cloud security, they are caused by humans. Stolen login credentials, disgruntled employees, fat fingers, insecure wi-fi connections, and other human errors are the reason that your cloud data is at risk.
Below are 7 tips to protect your data in the cloud.
1. Use strong passwords and two-factor authentication.
All the standard security tips apply to your cloud accounts as well: Choose long and unique passwords that are difficult to guess, and use a password manager.
Switch on two-factor authentication (2FA) if it's available. Enabling 2FA means cybercriminals will not be able to get into your cloud storage files even if they know your username and password as another code on your phone will be required as well.
2. Audit your file and folder shares.
Cloud storage services can leave your data open to unauthorized access if someone else other than the people you grant access to finds those links, or manages to access the account of a person you have shared files with. Be careful who you share files and folders with. Also, add passwords and expiry dates to your files if these features are available.
It's also a good idea to run a regular audit of files you shared and manage user access to your shared drive.
3. Clear out your deleted files in the bin.
Many cloud storage services have a recycle bin, keeping deleted files for a certain period just in case you want them back. You might want to make sure certain sensitive files are completely deleted and no longer able to be recovered.
4. Deactivate old devices that still have access
Most cloud storage services let you sync files from multiple devices. If you upgrade your digital devices, it is important to properly disconnect and deactivate the old ones so that whoever inherits those old devices will not have access to your data.
This means that you will need to sign out from the app before uninstalling it. You can also sign out from a certain device remotely inside most accounts nowadays.
5. Protect your devices.
The physical security of your digital devices is equally important. Keep your devices where you use your cloud storage accounts guarded against unauthorized access. Criminals could get straight into your accounts if they get physical access to your phone or laptop.
You don't want to have a phone or laptop lost or stolen only to discover that whoever ends up with it also ends up with all of your personal information.
6. Create a standard process to protect against resigning employees.
It is crucial to ensure employees who leave your organization will no longer be able to access your cloud storage, systems, data, and any other confidential information.
You may seek help from Security Matters if you are unsure of how to manage this internally, how to properly set up, implement, or maintain this process.
7. Provide anti-phishing training to employees regularly.
Employee mishaps are the main reason your cloud data is at risk. Hackers can gain access to secure information by stealing employees' login credentials through social engineering techniques such as phishing, spoofing websites, and social media spying.
This is why offering training regularly is vital to prevent employees from falling victims to scams