Should you rely on your cloud provider’s security?
Storing data in the Cloud has really only been ‘a thing’ during the last decade but most enterprises now have some kind of cloud presence. So the question arises, just how secure is your data when there?
Many organisations consider that because data is stored in the Cloud by a third party, the burden of responsibility moves from themselves to their service provider, but they would be wrong, the final responsibility remains theirs.
Of course, cloud storage offers convenience, reliability, scalability, cost savings, and yes, security. However, this needs to be underpinned by some baseline strategies before being moved across.
Firstly, ensure data is secured using multi-factor authentication. This should be set up generally, but especially for administrator accounts, where hackers are particularly active due to their high-level access privileges.
As human error remains the number one cause of cyber attacks, ensuring employees are continually trained, kept up to date with security protocols, and employ strong passwords is critical, and, only allow access to areas essential for employees to carry out their work. Controlling who has access to data will reduce the chances of it falling into the wrong hands.
When an employee leaves the company, do not forget to remove all their access rights and delete them.
Know what data you have and where it is stored. This is important not only as a good security practice but for any Subject Access Requests you may receive under GDPR. If your data is scattered, your only resort is to use a data discovery tool to find it.
Realise the importance of each category of data and ask yourself what are the consequences should this data get leaked, tampered with, or deleted? Would you face regulatory fines, incur revenue losses, would it impact you operationally?
Email is critical to any business operations and we can’t live without it. Be sure that your email service is as secure as it can be and remember, it’s always best to be sceptical of any email you get and keep in mind the spam warning signs.
Finally, back up! You can choose to back up with another cloud provider, or locally on an external hard drive or disk. You can also keep them off-site but make sure the data is encrypted for extra protection.
Data protection is not only an important part of maintaining trusting relationships with customers, suppliers, and stakeholders, it’s also a legal requirement, and you could suffer real consequences if you experience a breach because you’ve not taken the necessary steps to keep your data secure.
Relying solely on your cloud provider is not an option.
Every organisation can benefit from added protection. Call us on 0844 586 0040, or email [email protected] and we’ll be happy to advise you.