Cloud security – whose problem is it?

When confronted with cloud computing, many business owners are sceptical and confused. This is perfectly understandable, since many do not even know what the cloud is. Even those that grasp the concept are unsure about someone else taking control of all their data. This is not just understandable, but an absolutely necessary stance since, in many respects, this data is their business.

The cloud has been with us more or less since the first computers. The days when a mainframe computer took up a good-sized office and ran various terminals remotely, either within the building or between buildings, were the precursor to what is simply a remote server.

Private cloud is owned by the client, either in-house or in their own or rented data centre; public cloud is organised through a third party provider and hybrid cloud is a combination of these.

From a security point of view, it is easiest to say that the client is responsible for all aspects of cloud, since, while it is obvious they need to protect data in their control, they also need to ensure that third party providers are delivering the necessary service to protect their data.

So, it’s all your problem

Just as with any third-party provider (a printer, agent, conference centre, etc) if they get something wrong it may not technically be your fault, but your client will still hold you responsible.

When it comes to data security, then breaches and loss are not just a financial problem but also a brand and credibility problem and is also a legal problem with regard to the Data Protection Act.

This is not to scare anyone. Services from the likes of Amazon, Microsoft, Google will be far more secure than any business could achieve. Smaller providers may be more of an issue, however, and there are various precautions you should take, regardless of the provider.

  • Choose suppliers carefully – understand what they are offering, what their procedures and systems are and determine which are your responsibilities.
  • Protect hardware and infrastructure – ensure you protect your internal hardware like switches, routers and pc’s; software and applications and your network at all levels.
  • Secure data – protect against data loss through implementing policy for storage and access and for use of mobile devices, with particular reference to BYOD. As a secondary measure, if data loss should occur, to encrypt data and emails.

For more information, read this white paper from PC Connection.

 Benefitting from the cloud

Taking precautions should be standard procedure and should not put anyone off the cloud. From the point of view of data being stored on mobile devices, the cloud is invaluable because it stores the data for you, so the danger from lost or stolen laptops, tablets and phones is reduced.

Other benefits include flexibility, agility, scalability, disaster recovery, automatic software updates and cost control. It is also important as part of an agile working policy, enabling employees to work from anywhere, at any time on any device.

So don’t be afraid of the cloud, just take the necessary precautions and make it work for you.

This entry was posted in IT and tagged , , , . Bookmark the permalink.