The Dangers of Software As A Service

The cloud is a fantastic piece of ingenuity. The ability to store huge amounts of data away from your machine creates a wealth of space, as well as ensures that your documents are accessible from anywhere on the globe. The cloud as a concept is a brilliant one, and gives companies the ability to sell software as a service. Rather than simply sell a customer a storage device, they are able to instead charge an ongoing rate. Big industry names, such as Salesforce and Sage, are such big hitters in the market thanks in part to their ability to utilise the cloud to create a more seamless experience. Everything about the cloud seems to work. Everything except its security.

When you allow an organisation to store your data and documents, you are also trusting them to protect them too. On a personal device you are able to set up and monitor your own encryption software, as well as ensure that all firewalls are properly maintained. This isn’t possible when storing in the cloud and there is no guarantee of safety.

The interesting thing about the service agreements that organisations like this use is that they have very specific terms. There is no concrete promise that you will be protected, with instead a commitment to protection 99.99% of the time. If you are hacked, the organisation is therefore covered, and no compensation is likely to be distributed. You are trusting someone else to take the same care you would, but that has made no assurances to do so.

The metaphor we often use at Digital Pathways is to look at your storage in the same way as you would your home. By trusting an external company, you are effectively giving them the keys to your house. They are free to go inside, look through the cupboards and drawers, and help themselves to the fridge, and all you can really do is hope that they lock the door on the way out. If they don’t? Well, then not only are you likely to lose your belongings, but your insurance is invalid too.

Most companies won’t consider their data to be important, and therefore use software as a service primarily for the convenience it offers. What they forget is that everything about your company is able to be collected by the storing company, from pricing matrixes, to tenders, contracts and client information. All of this is being cared for by someone else, someone who can’t 100% guarantee their protection.

All of this isn’t to say that cloud storage doesn’t have its uses. It really is a convenient, space saving option. What we recommend is not to completely disregard the technology, but instead to filter what is uploaded to it. For non-critical information, web services are perfect. Anything regarding HR, or the real ‘Crown Jewells’ of your organisation, then you must rely on personal servers. Protect what is important and utilise cloud storage for the rest. Only then can you be sure that you are protected.

2016 Cyber Predictions
What can we learn from the Talk Talk hack?