Why Your Private Data May Be Safest in the Cloud

April 22, 2016 · steveverbanic · · Comments

Cloud adoption is on the rise, but some still question the security of data in it. Put your mind at ease by understanding the real risks in the cloud and knowing how to avoid them.

First it’s important to understand the cloud isn’t going away anytime soon. It simply provides too many business benefits. Not only does the cloud help you save costs on expensive hardware and software purchasing and maintenance costs, but it also lets you efficiently scale core applications to better meet fluctuating seasonal or peak demands.

More and more companies are catching on to the distinct time-to-market advantages they can reap by spinning up new business initiatives in the cloud to beat competitors to the punch. In fact, Forbes reports worldwide spending on public cloud services will grow at a 194% CAGR from $70 billion in 2015 to $141 billion in 2019.

Clearly, most businesses aren’t letting security issues stand in the way of their cloud computing initiatives. And they shouldn’t.

Cloud computing technology and service providers are maturing fast, and many security and data risks are no longer the show-stoppers they once were. Many organizations find that by following a few basic steps they can actually make cloud-resident data more secure than even that held on premises:

  • Know your controls: Large cloud service providers (CSPs) like Amazon, Microsoft and Google know the importance of security; and they make huge investments in cloud infrastructure processes, controls and staff to ensure customer data remains secure. Organizations considering moving to the cloud should make sure their CSPs offer at least the same controls they use on premise  – from encryption to access control to strong authentication and intrusion detection. You may be surprised to find that CSPs’ deep pockets mean they actually receive better security in the cloud than on premises.
  • Know your encryption: Encryption is the most important control to put in place, although it gets more complex in a cloud environment. Ensure your CSP enables true end-to-end encryption, both in transit to and from the cloud and at rest. The best CSPs let you manage your own encryption keys, preserving true data integrity and ensuring no one can access your cloud data but you.
  • Know yourself: Just about anyone with a credit card can purchase a cloud service these days. It’s important to assess what corporate data is already in the cloud — then put the right on-premises controls, policies and procedures in place to ensure your data remains secure. This means keeping track of who uses the cloud and why, keeping all devices patched and up to date, and limiting internal access to sensitive cloud data.

Knowing the real risks and addressing them upfront is the only way to take full advantage of the cloud. As an expert in the space, SLAIT can help. Whether your cloud initiatives are public, private or hybrid, we can ensure you choose the right deployment and end-to-end security strategy for you. Contact us to learn more!