Is My Data Safe on the Cloud?

Is my data safe on the Cloud? It is an often asked question but not one that has a straightforward answer.

Being online to advertise your services, communicate with your customers and to compete in markets that are becoming more and more competitive and saturated is a must for any business. In the modern day, all of us use the internet as our first port of call for new business, or to learn about something – we “Google it”.

Having no presence on the internet is simply not an option in today’s business world. However, this often comes back with a big security concern for many individuals, “Is my data safe?” and “What happens if I lose my data?”

There is no single answer to these questions. In the past, security had not been a major issue. Of course there were attacks and breaches, but they occurred on a much smaller scale with less financial backing. It is very different today. Attacks are now carried out by criminal gangs.

There are even websites that offer the opportunity to buy “off the shelf” attacking systems from hacking communities. This allows anyone with any basic knowledge of computers to be able to start an attack. Illegally of course.

So, “Is my data safe?”

The honest answer would be no. You cannot protect yourself 100%. Even the USA government fail to protect themselves fully despite the billions of dollars that they have to throw at the issue. So what chance do small and medium businesses have? Your best bet is to be knowledgeable of the most common risks and mitigate against them.

Your top priority is staff. The attitude of employees is changing and many jobs are no longer 9-5 or specifically office-based. Instead, many employees have the option to work from home, either during the day, or in the evening. They use a number of different devices – many across an unsecure home broadband networks, which are often only protected by a simple password.

Some of the devices in question are owned by the company and some by the employee themselves, which raises the question “What are my staff doing in the evenings?” Are they accessing data they should not be, or worse than that – are they downloading or giving away data?

For specific employees that require remote access, your first priority should be to ensure that they have a Static IP Address on their broadband router. For all remote access to your data, you should configure over a secure VPN tunnel.

Knowing who you are employing is also important – only give them access to sensitive data after a period of probation for example. This gives you time to build up your trust in them before allowing them greater access to company data.

Many of your employees may need to use mobile devices to connect to your company data. Restrictions should be in place as well as capturing log-in data and what data has been accessed.

With technology like this set up, it becomes easier to manage what user rights each of your employees have and to login what data has been accessed and when. However, this software can be expensive, therefore it’s not for everyone.

The second risk a company faces is malicious hacking. This can manifest itself in many different ways, from a simple email that has malicious codeembedded, or websites that have been attacked and embedded with similar malicious code.

Your best course of action here is to install a good firewall. One that comes with a security updates subscription so that it is regularly up-to-date.

If you have these procedures in place then you are improving your chances of restricting an attacker from getting to your data.

Yes, you are right to be concerned about these issues. Follow the points above to mitigate the risk, but remember – if someone really wants to hack you, they will. In which case, make sure you have some backup solutions in place.