Cloud Storage Security Controls

Cloud Storage Security Controls

Cloud Storage Security Controls

Ask anyone who has fought in a war and they will tell you it’s an experience you can’t emulate. Many people have seen the eyes of their enemies as they fight. But what happens when your enemy is a thousand miles away, yet has all the information they need to know about you; location, strength, response time etc.

The world is run on information. Little 1’s and 0’s sent to the right place can do a lot more damage sometimes than any gun. And it is becoming obvious that the information we keep on our computers is no longer as safe as we’d hope.

Take Cloud storagecloud-storage-providers. This is a current buzzword for information storage, and quite an amazing thing it is too. Networked data centers which negate the need for hard drives and disc drives to a certain extent. Information available 24 hours a day, 7 days a week from any physical location with internet access.

Innovative? Yes. Convenient? Certainly. But how much trust to you put in a system that can be accessed anywhere, and by anyone given the right tools and talent?

People such as Joseph Thomas Colon were able to hack into a secure database (the FBI in this instance.) Is it really such as great idea to keep your files permanently online, transferring them to other servers without considering the security issues?

Before considering putting your information in Cloud storage, consider the levels of control that you will require. The dictionary definition of a security control is thus: ‘ …safeguards or countermeasures to avoid, counteract or minimize security risks.’

Here are 4 examples of such controls:

Deterrent

Ensure the storage has at least some form of warning system that can act as a deterrent to unlawful access.
This is the electronic equivalent of the sign you would put in your window that says “Warning: Guard Dog on Premises.”
Examples of these include:

  • Logon Warning – Ensure that a person is aware of the rights to enter your site or information storage.
  • Creation of appropriate access banner on entry pages
  • A deterrent control tries to stop malicious activity before it even begins.

Preventative

Ensure that any security issues have already been broached. By managing the vulnerable parts of the storage, damage can be limited.

One example of this would be the inclusion of a proxy server.

This can act as a ‘bouncer’ between your information and the person(s) wishing to access it. Requests for your information can pass through this server, reducing the risk of a security breach.

Corrective

These security issues can be resolved after an attack or damage has taken place. Real time security is important.

An example might include the changing of passwords and usernames as soon as you are alerted to the security breach. Another might be a limitation of the time spent on your Cloud storage, to minimize potential breaches.
The downside to corrective controls is that often, a breach must have taken place, allowing you to see where you need to plug the holes as it were, in your system security.

Detective

These controls will detect any unlawful users, slaving itself to the corrective and preventative controls to ensure a minimal amount of damage. This might include a complete listing of possible ‘what if…’ scenarios. Using a plan of development, you can often stop an attack before it begins.

An example might be hiring or yourself trying to unlawfully access your information in an attempt to test the defenses.

Try to keep these four controls in mind when requesting, using or accessing information in Cloud storage. By using one or all of these controls, you can really limit the potential damage that may occur when keeping your sensitive information completely online.

By Susie Francis

This post was written by Susie Francis a content writer for HANDD, the secure file transfer specialists. When Susie isn’t surfing the web and writing great content she likes to build things.

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Comics
Through the Looking Glass: 2017 Tech and Security Industry Predictions

Through the Looking Glass: 2017 Tech and Security Industry Predictions

2017 Tech and Security Industry Predictions As we close out 2016, which didn’t start off very well for tech IPOs, momentum and performance has increased in the second half, and I believe that will continue well into 2017. M&A activity will also increase as many of the incumbents will realize that they need to inject…

Cloud Services Providers – Learning To Keep The Lights On

Cloud Services Providers – Learning To Keep The Lights On

The True Meaning of Availability What is real availability? In our line of work, cloud service providers approach availability from the inside out. And in many cases, some never make it past their own front door given how challenging it is to keep the lights on at home let alone factors that are out of…

How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart  Breaches Formal verification is not a new concept. In a nutshell, the process uses sophisticated math to prove or disprove whether a system achieves its desired functional specifications. It is employed by organizations that build products that absolutely cannot fail. One of the reasons NASA rovers are still roaming Mars…

How The CFAA Ruling Affects Individuals And Password-Sharing

How The CFAA Ruling Affects Individuals And Password-Sharing

Individuals and Password-Sharing With the 1980s came the explosion of computing. In 1980, the Commodore ushered in the advent of home computing. Time magazine declared 1982 was “The Year of the Computer.” By 1983, there were an estimated 10 million personal computers in the United States alone. As soon as computers became popular, the federal government…

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

Why Businesses Need Hybrid Solutions Running a cloud server is no longer the novel trend it once was. Now, the cloud is a necessary data tier that allows employees to access vital company data and maintain productivity from anywhere in the world. But it isn’t a perfect system — security and performance issues can quickly…

Technology Influencer in Chief: 5 Steps to Success for Today’s CMOs

Technology Influencer in Chief: 5 Steps to Success for Today’s CMOs

Success for Today’s CMOs Being a CMO is an exhilarating experience – it’s a lot like running a triathlon and then following it with a base jump. Not only do you play an active role in building a company and brand, but the decisions you make have direct impact on the company’s business outcomes for…

Cloud-Based Services vs. On-Premises: It’s About More Than Just Dollars

Cloud-Based Services vs. On-Premises: It’s About More Than Just Dollars

Cloud-Based Services vs. On-Premises The surface costs might give you pause, but the cost of diminishing your differentiators is far greater. Will a shift to the cloud save you money? Potential savings are historically the main business driver cited when companies move to the cloud, but it shouldn’t be viewed as a cost-saving exercise. There…

Cloud Security Risks: The Top 8 According To ENISA

Cloud Security Risks: The Top 8 According To ENISA

Cloud Security Risks Does cloud security risks ever bother you? It would be weird if it didn’t. Cloud computing has a lot of benefits, but also a lot of risks if done in the wrong way. So what are the most important risks? The European Network Information Security Agency did extensive research on that, and…

Moving Your Email To The Cloud? Beware Of Unintentional Data Spoliation!

Moving Your Email To The Cloud? Beware Of Unintentional Data Spoliation!

Cloud Email Migration In today’s litigious society, preserving your company’s data is a must if you (and your legal team) want to avoid hefty fines for data spoliation. But what about when you move to the cloud? Of course, you’ve probably thought of this already. You’ll have a migration strategy in place and you’ll carefully…