Quantcast
Home / Special Sections / Cybersecurity / Keeping your business safe on the cloud

Keeping your business safe on the cloud

Data storage in the cloud has become a mainstay for companies in all industries and of all sizes. Yet as more and more valuable data moves to the cloud, how can businesses stay one step ahead of the security risks?

The 2017 State of the Cloud Report, published by the Santa Barbara, California-based cloud-computing provider RightScale, shows that 95 percent of businesses make use of the cloud in some form.

There are a number of reasons why the cloud is an appealing place to store data. For one, a third-party provider has a broader perspective of cyber threats that can help protect your business, said Dan Shugrue, director of product marketing at Akamai Technologies, a Cambridge, Massachusetts-based cloud-service provider.

“Let’s say you have an e-commerce site and prefer to touch your data yourself. You can be excellent at your job and notice when the latest threat comes in and take measures to block it,” Shugrue said. “But you can’t see who is threatening other companies in your industry, and you can’t put protections in place before they strike.”

Then there’s the cost incentive. Consumer-grade cloud storage, such as Google Drive or a basic Dropbox account, comes free of charge.

“I see a lot of small companies, especially in the Maryland, (Washington, D.C.) and Virginia area, using cloud storage because it keeps your overhead down real low,” said Mark McLarnon, chief technology officer of Baltimore’s CyberPoint International, a cybersecurity firm. “You’re pushed, you’re almost enticed to use things like (Microsoft) OneDrive. Even with the free versions, you get a lot of storage. But what’s overlooked is the risk of unauthorized access.”

What are you storing?

The consumer-grade (technology) tends to be free, but users are paying for it with a lack of privacy, said Donald Spicer, associate vice chancellor and chief information officer of the University System of Maryland.

“If you have a consumer-grade Google account, there is no limitation about what Google is able to look at within your private account. None of that is true when an enterprise pays for a service. It’s all protected, and it’s quite a different service.”

For that reason, upgrading to a paid cloud provider is ultimately worth the investment for many businesses, because you’re more likely to keep your data safe from competitors or other intruders, Spicer said.

While there is still on-premise data storage on USM campuses, the system does rely heavily on the cloud. For example, USM has moved to software-as-a-service solutions for its human resources and financial functions, Spicer said.

However, any USM data stored in the cloud is heavily secured by a number of different measures. For example, data has to be encrypted both in transit and at rest to prevent unauthorized access. USM also has a cybersecurity council with representation from all institutions in the system.

Ultimately, especially for institutions with personal or confidential data to protect, it’s important to stay on top of which setting is safest. That’s the approach followed by Jefferson Health in Philadelphia.

“Being in health care, we have to really look at the sensitivity and criticality of some of the data,” said Robert Dalrymple, director of IS&T security and enterprise information security officer for Jefferson Health and Thomas Jefferson University. “Some data and information, we may not want to have in the cloud, although we can have private and dedicated cloud situations. It’s probably going to be a hybrid final state here at Jefferson.”

Where’s the data?

For managers contemplating the cloud for the first time or wanting to upgrade from a free Dropbox account, what are some important questions to ask prospective providers?

First of all, know where the data will be. “We have an obligation, if we have protected information, to know where it is stored,” McLarnon said. “The internet connects us in ways we don’t always grasp. We could be storing a file with a cloud-storage provider and it might be replicated in Oregon, Ireland or Eastern Europe.”

McLarnon also recommended making sure your provider requires multifactor authentication to access your data. That means anyone looking for access has to provide multiple pieces of evidence to confirm their identity, such as typing in a password and identifying a security image.

Another important question concerns micro-perimeters around the data, said Brian Vecci, technical evangelist at software company Varonis Systems in New York City. “Micro-perimeters are the equivalent of placing a wall directly around the data itself. … (They) restrict access on a need-to-know basis and monitor and alert on all usage for unusual behavior. The idea is that a cybercriminal can and will scale the walls of a castle, so let’s put the crown jewels in a locked safe within a locked room that is monitored 24/7.”

Then there is air gapping. This is the practice of making sure that there is a physical barrier between unsecured public Wi-Fi networks and the place where your data is being stored.

Today, cloud usage is already near-universal in the business world, and that trend shows no sign of reversing. “More data will move to and pass through the cloud as costs go down and functionality goes up,” Vecci said. “The companies that will be ahead of everyone else will be the ones that leverage unified data-security platforms for connecting cloud and on-premise systems into a single framework.”

Leave a Reply

Your email address will not be published. Required fields are marked *

*