10 Things I Know About … Cloud security

leadership team img1

By Michelle Drolet

Founder & CEO

Ms. Drolet is responsible for all aspects of business for Towerwall. She has more than 24 years of,

Read More

10) Got cloud?

According to Cloud Security Alliance, more than 70 percent of the world’s businesses now operate in some capacity on the cloud.

9) Cloud positive.

Running apps in the cloud offers lower fixed costs, auto updates, easier collaboration, disaster recovery, scalability, pay-as-you-go options, lower tech support costs and access from any device.

8) Cloud negative.

The cloud is no stranger to data breaches, bad actors, malware injections and hijacked accounts. Ponemon says breaches are 3x more likely for businesses utilizing the cloud.

7) Sharing.

Cloud security is a shared responsibility. The cloud service provider protects its infrastructure, but businesses/users must password protect their apps.

6) Backup data locally.

While the cloud appears like a backup safeguard, it’s not designed to be one, so better to do your own backups or use a third-party service.

5) ID theft.

Like the internet, there’s no privacy in the cloud. Avoid storing sensitive information such as passwords, credit/debit card details, social security numbers, IP, etc. on the cloud.

4) Encryption.

Use cloud providers that encrypt your data. This double security ensures data has to be decrypted for it to be accessed. Encryption protects data from unauthorized users. Use third-party tools to encypt files before uploading to the cloud.

3) Install anti-virus.

Malware & viruses can expose your system to file deletion, access your personal data or commandeer your laptop camera (cover your lens by taping a piece of paper). Most anti-virus programs will scan and update automatically.

2) Use strong passwords.

A nuisance when they expire, now special characters, numbers and non-repeatable items are required. Sites exist to help you create inventive passwords. Get used to changing them often.

1) Third-party testing

.
Hire a third-party data security service to perform penetration, app, mobile and network testing for vulnerabilities. These tests are as much important on cloud as on premise.

This article was originally posted in Worcester Business Journal >