Dropbox, Box, Google Docs, Microsoft Office 365, SkyDrive, SugarSync … the list of cloud organizations seems to grow every day. But given the attractiveness of this concept, there’s also security risks of cloud-based services.
Cloud computing has emerged in recent years to be one of the most interesting developments in technology. When it comes to protecting data, many believe backup and saving data is what matters most. It was just last week we celebrated World Backup Day in an effort to raise awareness around the necessities of preserving our data.
We can backup, but can we secure?
One focus of current discussions in security cloud computing is the fact that customers seem to have complete confidence in cloud service providers, with respect to the security and integrity of their data, as well as the operations of the accounts, which are supposed to be free of errors. But what happens in the event that the service provider is unable to maintain the confidentiality of your data due to gaps in security control?
Dropbox already suffered one major security breach last year, where users were able to access anyone’s data without a password. Security experts believe it will be a matter of time before similar incidents could happen with any cloud storage provider.
Mobile workers present new security challenges for the cloud
Companies are focused on ensuring the safety of end systems such as desktop and laptop computers, as well as data management, but most of them do not apply the same processes and methods of control for the fastest growing computing platform in the market: smartphones and other multi-functional mobile devices.
According to an IDC report, there were more than 105 mobile workers present in the US in 2010 alone. The global number will increase to more than 1.3 billion by end of 2015.
Enterprises also face unique challenges for the security and management of mobile devices, as many users either bring their own devices into the workplace or use their business devices for personal use. Many enterprises lack the ability to adequately support and extend access to various consumer devices, like the iPhone, iPad and Android devices, which puts both corporate data and business communications at risk.
“We cannot ignore the new mobile reality. Businesses need to take proactive steps to stay ahead of the trend by classifying data and then procuring both storage and mobility solutions commensurate with the security requirements of that data. Cloud storage solutions like Dropbox do offer mobile access features, but at their core, they are just storage solutions that focus on making storage convenient, not making data access secure,” says Chris Hopen of Tappin, the secure content mobility solution provider.
So providing secure information through identity, protection and context, in addition to the right approach to mobile security and management, is a key extension of protection for enterprises. By providing mobile security and management for smart devices, enterprises can allow their employees to use their device of choice without putting corporate data at risk.
New security for today’s cloud
There are new types of cloud computing vendors emerging with security in mind, providing more security for your data. Tappin, the Seattle-based mobile file sharing innovator, provides users instant access and secure file-sharing for all files stored on an office or home computer, from any web browser and all popular mobile devices.
In conclusion, there are some simple tips and tricks and best practices that enterprises can adopt before choosing a service provider:
• There will be sensitive data processed outside the organization which will bring some risks. It is therefore right to ask the service provider to provide information about who are the persons responsible for data management and the extent of their control over access to this data.
• Companies can make sure that the service provider is subject to external scrutiny and holds a certificate-based security.
• Cloud computing is a shared environment and therefore companies needed to ensure that their data is isolated from rest of the customers.
• The cloud service provider should implement a policy to backup customers data regularly to make sure data will be available to customers in case of any disasters.