One of the main concerns that people have about moving their data into the cloud is security. And its easy to understand why, with high profile companies such as Under Armour (in 2018, where 150 million users were affected) or more recently Twitter (having unauthorised tweets sent out from high profile accounts), there is a constant reminder of what can happen if security is breached.
Whilst I would say that no security seems to be infallible, being sensible with how you store your data in the cloud and the security around that will provide you with best protection.
Here are 5 Steps that you can take to ensure your data is secure as possible in the cloud.
User Awareness & Training
They say that charity begins at home, well in the case of cloud computing security begins in the office, with 80% of reported security incidents being linked to phishing attacks it shows that users really need to be aware of the security responsibilities.
It has also been reported that 94% of Malware was delivered by email, with 48% of malicious email attachments being delivered in common office files that people are used to receiving, which means that many of the attacks may not look like traditional phishing attacks to begin with.
But being aware of these facts isn't going to necessarily stop attackers from gaining access to your systems in these ways as the methods for tricking users into giving up credentials are getting more and more sophisticated. With ever changing approaches being used companies need to continually update and train their employees around the latest scams that are being used to ensure vigilance.
Enabling multifactor authentication (MFA) will go a long way to helping secure your accounts as the additional layer of security will help if someone was able to get hold of username and password details.
Multifactor authentication works by requiring a one time code to be entered along side your normal user details. The code is sent to your phone or email, usually needing to be entered within a time limit, and you can't log in without it.
According to Microsoft the use of MFA will reduce your likelihood of being compromised by 99.9% from automated attacks on accounts.
This is a simple, but very effective step.
With cloud solutions users can be given access to an entire system, however, you should ensure that users only have access to data that is relevant for them to do their job.
This step is sometimes missed by people who store their data in the cloud without realising that everyone else with access can also see the same thing. If this is sensitive company information or customer data, access to it should be limited to the correct people.
Ensuring proper access control will mean that should a breach happen not all of the data is exposed.
Ensuring that your data is encrypted is an essential part to keeping your data safe. Many of the leading cloud providers will encrypt your data in storage, meaning that even if hackers get hold of your data its harder to do something with it.
A good example here is with Microsoft Azure which offers end to end encryption for data stored on the Azure side, in transit and on customer facing tools. This ensures that your data is encrypted at every stage.
Finally, one last step is to run audits and compliance checks on your cloud. No matter how well you have implemented your cloud solution there will most likely be areas for improvement.
Using a tool such as the Azure Security Center can help provide advanced threat detection and strengthen security across your infrastructure.
In Part 4 of our Cutting the Cord series we will be looking at "5 considerations when moving your reporting to the cloud".
Don't forget to subscribe to get all of the latest updates from the Sontai Blog directly to your inbox.