[img src=”/wp-content/uploads/sites/2/2014/06/3-HOLES.jpg” class=”aligncenter”]
As more companies begin investing in cloud computing infrastructure for their businesses, including many of our clients, one of the questions that I always get is “Aren’t there quite a few security risks with cloud computing?” The short answer is, yes and no.
Are there security risks in cloud computing? Yes. However, the risks are not necessarily in the security of the cloud data centers where the data resides; the risk is in not controlling the way your business connects to and handles its data in the cloud.
Cloud computing itself is not necessarily a security risk. In fact, many business-class cloud providers have some of the highest levels of security in place. In addition, many cloud providers are as compliant as they can get: HIPPA, PCI, ITAR, SEC, and more. In fact, meeting compliance requirements is a common driver for businesses to move to the cloud, because most of these providers are required to meet these regulations and do the heavy lifting for you already.
So, where is the risk?
Great question. There are 3 main areas that provide security risks in any cloud computing solution:
1. Internal Networking
When you access your data in the cloud from your internal network, you are essentially making a long-distance connection to your data. It’s important to keep this long distance connection secure and you can do this through your internal network. You must examine each part of your internal network and review its strength in the security chain. You should be using business-grade security products. How secure is your wireless? Do you have dual-redundant firewalls set up? Do you have a dual-redundant internet circuit from at least two different internet service providers?
Another question to ask is ‘What is your internal uptime?’ Your internal uptime is the amount of time your business needs access to its systems. Even if your cloud solution has 99.9% or better uptime, it is only as good as the network you use to connect to it.
2. Password Strength
This should go without saying, but unfortunately it’s one of the greatest causes of security risks in cloud computing solutions. It is absolutely important that you ensure proper, secure password protocols across your entire business. This should include your computer logins, your WIFI logins, your cloud app logins, etc. A good password protocol is a simple yet effective way to mitigate a lot of potential security risk with a cloud solution.
3. Data Control
The problem a lot of businesses face is loss of data control. Data control is taking into consideration where your data resides, how it can be moved around, and who can move it. And the main reason businesses face this security risk is because they are relying on consumer-based cloud solutions. There are many consumer-focused cloud solutions out there that do not provide the level of security and control that a business requires. Some businesses need to consider implementing internal data loss prevention systems, which can include a business-focused cloud solution.
When we talk to any of our clients about cloud solution strategy, we recommend solutions that provide the security, control, and compliance that their business needs.