Below are 4 data strategies to consider to ensure that your corporate data is as safe as possible as you move it to the cloud.
1. Multi-factor authentication
Confirming that the query is from an authorized user who is accessing the data from an authorized computer can significantly narrow down the number of access points, and in the event of a leak, makes it much easier to trace where that leak came from. In fact, here at Daymark, in order to maintain our SOC-2 certification, we must keep a checklist of items to compare against industry best practices, as well as complete a task list every week to make sure that none of the configuration settings have deviated from established norms.
2. Regular cloud backups
Though everyone is familiar with regular backups, fewer people are familiar with how important backups of your cloud infrastructure is. Cloud providers can ensure that your data stays up, but if, for example, a disgruntled ex-employee decides to delete all of your records, there is nothing they can do to restore that data.
3. Defense in depth
Regular firewalls do a great job of keeping intruders out of the perimeter, but if they find a way in, the hackers usually find a nice gooey center to attack the rest of your infrastructure. Windows Firewall provides OS level protection that can give you better defense in case of a breach, but many administrators turn it off. An alternate solution is VMware NSX, which virtualizes the network layer, and can give you many similar protection benefits.
4. Regular patching
The recent Heartbleed bug, and now, the ShellShock bug in Bash, shows just how vulnerable today’s software is, even open source ones. Moving your workload to the cloud provides an even broader platform for which hackers can attack. It is therefore critical to stay on top of security patches for all of your datacenter components, and if a patch is unavailable, protect the data some other way.
Is Your Corporate Data Safer in the Cloud?
Actually, security breaches for cloud providers are much rarer. The largest glitch was arguably when Google deleted 150k Gmail user accounts, which was less than 1% of Gmail users, and Google was able to detect and patch the problem before the issue became widespread.
So why are security breaches much less prevalent for companies who adopt a cloud solution? Cynically, there’s the belief that because cloud vendors are so dependent on their reliable security reputation, evidenced by their frustratingly opaque policies on how they manage and protect companies from security breaches - any security breach would be quickly covered up. But it’s also true that cloud vendors are aware of this perception, and thus take great pains to secure their data.
In fact, I think if you did a study that compared the security breaches of cloud providers versus corporations, you’d find that cloud providers have a better track record of protecting their data.
For cloud service providers like AWS, Azure and vHC, security is always at the forefront of conversations, and in fact their track records support that it’s usually data outages that cause service disruption, and not security breachs that runs the cloud solution.
Unfortunately, even with all this technology and procedures, the answer to “just how secure is my data in the cloud?” is still - “it depends”.
At the end of the day, technology can only do so much to protect your data, and ultimately, security rests on the shoulders of data administrators and your corporate policies around securitizing your data. Yes, there are ways to mitigate that risk, and choosing a secure cloud provider is a big part of that answer.
What do you think? Are you worried about your data in the cloud? Are security concerns preventing you from migrating to the cloud? Let us know in the comments below!
About the Author
Michael Chen is a Consultant at Daymark Solutions and specializes in virtualization, as well as backup and data recovery for enterprise companies in Financial Services, Telecomm, and Healthcare. Michael holds various certifications from VMware, EMC, Hitachi, and Symantec