One of the biggest technical issues plaguing companies around the globe is security of their systems and information. The vast majority of companies store their data on computers, with many moving some or all of it onto the cloud. When employing the cloud, companies have to trust the provider’s security, which has come under attack with increasing intensity in the past few years.
In this year alone, nearly every major cloud provider has had issues with their services. From natural disasters to hackers, companies have seen their data exposed or unavailable, and this isn’t the first time this has happened. In 2011, Sony Entertainment had nearly 77 million accounts hacked, exposing user’s information, Dropbox had numerous service outages, and Gmail had a 30 hour outage that resulted in 44,000 accounts being lost. The list goes on and issues since 2011 go to show that cloud providers and their systems aren’t invulnerable.
Despite numerous attacks and problems, many data centers where cloud providers have their servers are physically secure. Google’s recent security video is a good example of how secure the physical locations are.
When companies talk about cloud security however, they don’t just talk about how secure their physical location is, they also strive to protect against three other elements:
- Service outages
- Confidentiality of your personal information and control over who can access it
- Privacy of banking details and other related information
If your company utilizes cloud services there are a number of things you need to be aware of when it comes to security:
- According to all cloud providers, liability for sensitive data stored in the cloud rests with your company, not the provider.
- Some cloud vendors provide reports written by a neutral third party on the security of their service. These should be taken into account when looking for a provider.
- As with anything online, you should be taking steps to backup data stored in one cloud to a secure physical location.
- You should establish a process that encourages your employees to change their passwords at least every three months.