Cloud Storage Security Controls

Cloud Storage Security Controls

Cloud Storage Security Controls

Ask anyone who has fought in a war and they will tell you it’s an experience you can’t emulate. Many people have seen the eyes of their enemies as they fight. But what happens when your enemy is a thousand miles away, yet has all the information they need to know about you; location, strength, response time etc.

The world is run on information. Little 1’s and 0’s sent to the right place can do a lot more damage sometimes than any gun. And it is becoming obvious that the information we keep on our computers is no longer as safe as we’d hope.

Take Cloud storagecloud-storage-providers. This is a current buzzword for information storage, and quite an amazing thing it is too. Networked data centers which negate the need for hard drives and disc drives to a certain extent. Information available 24 hours a day, 7 days a week from any physical location with internet access.

Innovative? Yes. Convenient? Certainly. But how much trust to you put in a system that can be accessed anywhere, and by anyone given the right tools and talent?

People such as Joseph Thomas Colon were able to hack into a secure database (the FBI in this instance.) Is it really such as great idea to keep your files permanently online, transferring them to other servers without considering the security issues?

Before considering putting your information in Cloud storage, consider the levels of control that you will require. The dictionary definition of a security control is thus: ‘ …safeguards or countermeasures to avoid, counteract or minimize security risks.’

Here are 4 examples of such controls:

Deterrent

Ensure the storage has at least some form of warning system that can act as a deterrent to unlawful access.
This is the electronic equivalent of the sign you would put in your window that says “Warning: Guard Dog on Premises.”
Examples of these include:

  • Logon Warning – Ensure that a person is aware of the rights to enter your site or information storage.
  • Creation of appropriate access banner on entry pages
  • A deterrent control tries to stop malicious activity before it even begins.

Preventative

Ensure that any security issues have already been broached. By managing the vulnerable parts of the storage, damage can be limited.

One example of this would be the inclusion of a proxy server.

This can act as a ‘bouncer’ between your information and the person(s) wishing to access it. Requests for your information can pass through this server, reducing the risk of a security breach.

Corrective

These security issues can be resolved after an attack or damage has taken place. Real time security is important.

An example might include the changing of passwords and usernames as soon as you are alerted to the security breach. Another might be a limitation of the time spent on your Cloud storage, to minimize potential breaches.
The downside to corrective controls is that often, a breach must have taken place, allowing you to see where you need to plug the holes as it were, in your system security.

Detective

These controls will detect any unlawful users, slaving itself to the corrective and preventative controls to ensure a minimal amount of damage. This might include a complete listing of possible ‘what if…’ scenarios. Using a plan of development, you can often stop an attack before it begins.

An example might be hiring or yourself trying to unlawfully access your information in an attempt to test the defenses.

Try to keep these four controls in mind when requesting, using or accessing information in Cloud storage. By using one or all of these controls, you can really limit the potential damage that may occur when keeping your sensitive information completely online.

By Susie Francis

This post was written by Susie Francis a content writer for HANDD, the secure file transfer specialists. When Susie isn’t surfing the web and writing great content she likes to build things.

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Comic
InformationWeek Reveals Top 125 Vendors Taking the Technology Industry by Storm

InformationWeek Reveals Top 125 Vendors Taking the Technology Industry by Storm

InformationWeek Reveals Top 125 Vendors Five-part series details companies to watch across five essential technology sectors SAN FRANCISCO, Sept. 27, 2016 /PRNewswire/ — InformationWeek released its list of “125 Vendors to Watch” in 2017. Selected by InformationWeek’s expert editorial team, the companies listed fall into one of five key themes: infrastructure, security, cloud, data management and…

Part 1 – Connected Vehicles: Paving The Way For IoT On Wheels

Part 1 – Connected Vehicles: Paving The Way For IoT On Wheels

Connected Vehicles From cars to combines, the IoT market potential of connected vehicles is so expansive that it will even eclipse that of the mobile phone. Connected personal vehicles will be the final link in a fully connected IoT ecosystem. This is an incredibly important moment to capitalize on given how much time people spend…

Embedded Sensors and the Wearable Personal Cloud

Embedded Sensors and the Wearable Personal Cloud

The Wearable Personal Cloud Wearable tech is one avenue of technology that’s encouraging cloud connections and getting us all onto interconnected networks, and with the continued miniaturization and advancement of computing the types of wearable tech are always expanding and providing us with new opportunities. A few years ago, smartwatches were rather clunky devices with…

SWIFT Says Bank Hacks Set To Increase

SWIFT Says Bank Hacks Set To Increase

Bank Hacks Set To Increase SWIFT, whose messaging network is used by banks to send payment instructions worth trillions of dollars each day, said three clients were hacked over the summer and cyber attacks on banks are set to increase. The theft of $81 million in February from Bangladesh’s central bank using SWIFT messages rocked…

Security: Avoiding A Hatton Garden-Style Data Center Heist

Security: Avoiding A Hatton Garden-Style Data Center Heist

Data Center Protection In April 2015, one of the world’s biggest jewelry heists occurred at the Hatton Garden Safe Deposit Company in London. Posing as workmen, the criminals entered the building through a lift shaft and cut through a 50cm-thick concrete wall with an industrial power drill. Once inside, the criminals had free and unlimited…

The Cancer Moonshot: Collaboration Is Key

The Cancer Moonshot: Collaboration Is Key

Cancer Moonshot In his final State of the Union address in January 2016, President Obama announced a new American “moonshot” effort: finding a cure for cancer. The term “moonshot” comes from one of America’s greatest achievements, the moon landing. If the scientific community can achieve that kind of feat, then surely it can rally around…

Do Not Rely On Passwords To Protect Your Online Information

Do Not Rely On Passwords To Protect Your Online Information

Password Challenges  Simple passwords are no longer safe to use online. John Barco, vice president of Global Product Marketing at ForgeRock, explains why it’s time the industry embraced more advanced identity-centric solutions that improve the customer experience while also providing stronger security. Since the beginning of logins, consumers have used a simple username and password to…

Protecting Devices From Data Breach: Identity of Things (IDoT)

Protecting Devices From Data Breach: Identity of Things (IDoT)

How to Identify and Authenticate in the Expanding IoT Ecosystem It is a necessity to protect IoT devices and their associated data. As the IoT ecosystem continues to expand, the need to create an identity to newly-connected things is becoming increasingly crucial. These ‘things’ can include anything from basic sensors and gateways to industrial controls…

5 Ways To Ensure Your Cloud Solution Is Always Operational

5 Ways To Ensure Your Cloud Solution Is Always Operational

Ensure Your Cloud Is Always Operational We have become so accustomed to being online that we take for granted the technological advances that enable us to have instant access to everything and anything on the internet, wherever we are. In fact, it would likely be a little disconcerting if we really mapped out all that…

Cloud-based GRC Intelligence Supports Better Business Performance

Cloud-based GRC Intelligence Supports Better Business Performance

Cloud-based GRC Intelligence All businesses need a strategy and processes for governance, risk and compliance (GRC). Many still view GRC activity as a burdensome ‘must-do,’ approaching it reactively and managing it with non-specialized tools. GRC is a necessary business endeavor but it can be elevated from a cost drain to a value-add activity. By integrating…

The Global Rise of Cloud Computing

The Global Rise of Cloud Computing

The Global Rise of Cloud Computing Despite the rapid growth of cloud computing, the cloud still commands a small portion of overall enterprise IT spending. Estimates I’ve seen put the percentage between 5% and 10% of the slightly more than $2 trillion (not including telco) spent worldwide in 2014 on enterprise IT. Yet growth projections…

The Future Of Cybersecurity

The Future Of Cybersecurity

The Future of Cybersecurity In 2013, President Obama issued an Executive Order to protect critical infrastructure by establishing baseline security standards. One year later, the government announced the cybersecurity framework, a voluntary how-to guide to strengthen cybersecurity and meanwhile, the Senate Intelligence Committee voted to approve the Cybersecurity Information Sharing Act (CISA), moving it one…

New Report Finds 1 Out Of 3 Sites Are Vulnerable To Malware

New Report Finds 1 Out Of 3 Sites Are Vulnerable To Malware

1 Out Of 3 Sites Are Vulnerable To Malware A new report published this morning by Menlo Security has alarmingly suggested that at least a third of the top 1,000,000 websites in the world are at risk of being infected by malware. While it’s worth prefacing the findings with the fact Menlo used Alexa to…

Cloud Computing – A Requirement For Greater Innovation

Cloud Computing – A Requirement For Greater Innovation

Cloud Computing Innovation Sao Paulo, Brazil has had trouble with both energy and water supplies as of late. Despite it is the rainy period. Unfortunately Sao Paulo is very dependent on its rain as a majority of its power is generated from large dams. No water, no energy. Difficult situation for a city of some…

The Future of M2M Technology & Opportunities

The Future of M2M Technology & Opportunities

The Future Of The Emerging M2M Here at CloudTweaks, most of our coverage is centered around the growing number of exciting and interconnected emerging markets. Wearable, IoT, M2M, Mobile and Cloud computing to name a few. Over the past couple of weeks we’ve talked about Machine to Machine (M2M) such as the differences between IoT and…

Cloud Security: The Top 8 Risks According To ENISA

Cloud Security: The Top 8 Risks According To ENISA

Cloud Security Risks Does security in the cloud ever bother you? It would be weird if it didn’t. Cloud computing has a lot of benefits, but also a lot of risks if done in the wrong way. So what are the most important risks? The European Network Information Security Agency did extensive research on that,…