– By Dr. Gene Lloyd –
Cloud storage is so popular today and there are so many variations to this service that it can be easy to miss some important details about how this service works. Cloud storage offers us the incredible ability to access our data from anywhere we have an internet connection, and in this hyper mobile connected world we live in, cloud storage makes a lot of sense and provides a great degree of convenient access. But before you jump into an agreement with a company to provide you with cloud storage services, you should be asking them a few key questions.
1. Who will have access to my data while it is stored on your cloud? Will your employees routinely look at or access any of my files?
2. What type of vetting process do you have for the employees who work in your cloud storage division that ensures they are not likely to steal user data?
3. What form of redress will be provided to me if my data is compromised while stored on your systems?
Each of these questions go to the root of the security concerns around cloud storage. A big part of this comes down to risk acceptance. Any organization choosing to store their data on someone else’s infrastructure is accepting the risk that their data may be compromised by an unknown 3rd party individual. The reality is that you don’t know who works for that company or whether or not they will ever try to steal your data. Corporate espionage isn’t talked about much, but it is very real. Remember the famous Apple Cloud photo theft that happened to celebrities a few years ago? Apple claimed hackers targeted specific accounts. That may be true, but I would like to add that it would have been incredibly easy for any employee working in Apple’s Cloud divisions to access and distribute the files. This always felt like an insider access case to me. And then we have DoD’s recent announcement that they are using Amazon’s cloud storage services to store classified data. I’m don’t know who made that decision, but I can guarantee Amazon’s servers are going to see an uptick in hacking attempts from foreign governments (if they haven’t already) as a result of these agreements.
Now, there’s an easy alternative to these potential security risks. If you want to use a public cloud storage service, just make sure all your stored data is encrypted. That solves the issue of prying eyes and hackers. The other alternative is to build your own in-house cloud storage solution that your employees manage and maintain. That will give you a greater level of control while still allowing for mobile access. If you need some more advice on this, or want some help thinking through how to keep your data secure, the Lloyd Research Institute is ready to give you strategic advice targeted to your specific situation. Fill out the form below to set up a free consultation today!
Sign up for a FREE consultation
Get a free 1-hour telephone consultation with a cyber security expert with no required commitments -- a $500 value!