In a recent study by PWC, over 10,000 IT professionals were asked about the steps they take to ensure information security. Almost 70% reported that their companies use cloud-based cybersecurity services. There are many reasons it makes sense for companies of all sizes to use these services, yet many are wondering: are they truly secure? Let’s dig deeper into the advantages of the cloud for data security and consider the steps organizations can take to keep their data as secure as possible.
Why are Companies Turning to the Cloud to Meet Their Cyber Security Needs?
Cyber security offers a cost-effective way to protect data, and many small- and mid-sized companies turn to cloud-based cyber security for this reason alone.
But cloud computing also makes it possible for a wide range of analytical steps that were out of reach for small and mid-sized companies just a few years ago. With these new options comes fresh paranoia that sensitive information is at risk. However, file security on the cloud is ever-evolving and most experts agree that the risks are outweighed by the advantages.
Of course, security isn’t the only reason or even the main reason organizations turn to the cloud. The very nature of cloud computing allows organizations virtually unlimited computing power. This results in faster responses and better solutions to their IT needs.
The Potential Risks of Cyber Security
In order for your organization to decide that file security is sufficient on the cloud, follow these essential steps. Begin by investigating exactly who your cloud provider is. They should be highly reliable, and you should look diligently to ensure there won’t be hidden costs down the road.
Some cloud providers use third-party data security providers, which gives that third party access to their network traffic. There have been breaches of cloud-based services in this scenario. Remember that the cloud model is fairly new, and it’s important to both prioritize and protect any sensitive information your company has.
These third-party cyber security companies are generally much cheaper than hiring an independent team. In fact, having just a single cyber security expert on payroll runs about $100,000 on average. Then of course there are additional costs, including servers.
It’s Impossible to Make Anything “Hack Proof” but You Can Optimize Your Cloud Storage
It’s true that data on the cloud can be hacked, but it’s also true that regardless of the way an organization stores their data there is always risk of it being breached. While it may be impossible to make your data totally “hack proof,” there are steps that can be taken to increase security:
- Protect your passwords. Ensure they’re different for every platform you use. Using password managers is more secure than not using them. If two-factor authentication is an option, take advantage of it.
- Audit all connected apps, devices, and other services. If you have old applications that you no longer use, but they still have access to your cloud storage, then you need to remove them.
- Review your cloud security provider’s privacy and encryption policy.
- Audit your own files to remove or encrypt data that’s especially sensitive.
- Remember that cloud storage is not the same as backup storage. If you have any documents that your organization would be devastated to lose, make sure they’re being backed up manually.
Further Privacy Concerns: What’s the Government’s Role?
Most online file security will claim to be encrypted, but you don’t have guarantees. The reality is that the federal government can legally access metadata and a wide range of other data that’s saved online, even without a warrant. While most organizations have nothing to worry about, the reality is that a rogue federal employee could theoretically gain access to documents, or a well-intentioned employee could open up an organization to hackers when they access secure online storage.
Consider that Google receives regular requests for access to user information from both the U.S. government and governments around the world. In 2014, they received more than 21,000 government requests involving more than 33,500 user accounts. According to their own statistics, Google provided some amount of data in about 66% of the cases governments asked for it.
Compare these stats to Microsoft. In the same year they received more than 70,000 requests, which affected about 122,000 accounts. This is more than three times the number of requests Google received, yet Microsoft only turned over content in 2.2% of the requests, for a total of 1,558 accounts affected.
When it comes to cyber security, one thing is clear: there isn’t a place where data is 100% safe at all times. This is true even for companies who keep paper files—they’re always at risk of being damaged, destroyed, or stolen. However, cloud storage brings lots of advantages and most experts agree that the risks associated with it are well worth it, especially if you take steps to optimize usage.