17 April 2019 | Sebastian Bucur
Seven Ways to Secure Your Cloud Data
There are three misconceptions about the cloud. First, that it is secure by default; second, that you can migrate to it yourself; and third, that it’s water vapor.
Cloud in itself, as an infrastructure, is very secure. If Google, Microsoft and Linux experts cannot be trusted to do a good job then all hope is lost. They can be trusted, which is why cloud is secure. The best analogy to illustrate the concept is a country’s security. Borders are secured, monitored and patrolled – yet you still have to lock your car and home inside that secure country. The same goes for the cloud: you still need passwords, encryption, a firewall, etc.
Yes, cloud providers have developed intuitive and user-friendly interfaces, but we strongly recommend you use certified people with good reputations to set up your cloud infrastructure. You use a professional for the same reason you wouldn’t connect your new home to the power grid yourself. You would ask a licensed electrician to do it because some jobs are best left to those with specialized knowledge.
Larry Ellison (CEO of Oracle) once jokingly said that cloud is not water vapor. That’s right! Data is still stored somewhere physically in a high-speed, high-capacity data center on normal hard disk drives. The only difference is that your company does not have to take care of that infrastructure; you virtually rent part of those resources for a monthly fee (depending on what you use).
- Back up data locally At least sensitive or important data
- Avoid storing sensitive information But if you have to, then use ‘immutable buckets’
- Encrypt your data Use cloud services to encrypt the data
- Encrypt the data before uploading to cloud Cloud hackers have no access to your local passwords or keys.
- Read the terms & conditions of your cloud service provider Know how cloud provider manages and stores your data
- Secure the end-user devices that are accessing cloud-based resources For access to the cloud, take all measures available
- Perform a regular security audit Hire professionals to simulate malicious attacks in order to discover security weaknesses in your cloud configuration, networks and applications.
A word of advice: Whether you store your data on the cloud or on local server, you must not focus on data loss or hardware failure – technology is so advanced that it’s not a problem anymore. Worry about human error, bugs in application software, viruses, malware, and employee sabotage