People often talk about the efficiency of the cloud. It is the way it enables users to access their documents across continents on portable devices and share seamlessly with friends and work colleagues. The use of cloud storage is growing in popularity day by day, as businesses begin to realise this value. Other managed security services, such as infrastructure (IAAS) and outsourced server management also allow businesses access to vital technological advances in a cost effective way, helping companies to embrace the ‘digital age’.
Generally a monthly or yearly subscription fee will be paid, meaning a much more affordable outlay than having to buy full licences or investment in expensive hardware. It means consistently up-to-date technology, something that no business can live without. Plus, of course, you are ensuring that your data, and your clients’ data, is being stored and protected by a reputable and trustworthy provider. This means of course that your data is safe and will be dealt with responsibly. Right?
Interestingly, no. No matter how reputable or responsible the provider you are storing with, your documents are still open to theft, tampering or seizure in their usual format, with the potential risks that that brings. When you compare a letter that is safely filed in an envelope under lock and key in your office, compared to one that is being shared across a vast ocean of web space by a company who has left it open to view, you can begin to see the problem.
Part of that problem is the use of third party storage partners. A useful metaphor in this instance is to think of a set of child’s blocks. If, for instance, you have a block that is triangular, you can pass that to your storage provider, an Amazon for example, and they will see that it is a triangle shape. They in turn will pass that triangle onto their third party storage partner, who will also see that it is a triangle. The block will then put in a box under lock and key by the third party, meaning it is safe from prying eyes. The problem. The third party have the key.
The solution to this conundrum is a Managed Encryption Service. This is a method that renders data unreadable to people who aren’t authorised to read it. It also monitors who is trying to access and when. This security feature means that now when you transfer your cloud storage facilitator the block it is already hidden. It may still be a triangle, but they have no way of knowing it. To them they are putting a box inside a box, meaning complete privacy and security from anyone who might want to take advantage of its contents.
At Digital Pathways we supply a Managed Encryption Service to meet exactly these needs. The keys to your encrypted box are kept completely separate, with you having the only pair. Access is in your hands, ensuring the data stays completely secure too. It is a simple process but one that is often overlooked until it is too late. Encryption in many ways is something we apply to so many other areas of our lives, and yet not to something equally as valuable online. A postman isn’t given the keys to your house, simply the means to supply you the letter confidentially. A plumber too may be invited in, but is likely to be given restricted access to areas of your home rather than free reign. The same should surely apply to your data, and the access you allow storage providers and their third party partners.