Cloud Storage Security Controls

Cloud Storage Security Controls

Cloud Storage Security Controls

Ask anyone who has fought in a war and they will tell you it’s an experience you can’t emulate. Many people have seen the eyes of their enemies as they fight. But what happens when your enemy is a thousand miles away, yet has all the information they need to know about you; location, strength, response time etc.

The world is run on information. Little 1’s and 0’s sent to the right place can do a lot more damage sometimes than any gun. And it is becoming obvious that the information we keep on our computers is no longer as safe as we’d hope.

Take Cloud storagecloud-storage-providers. This is a current buzzword for information storage, and quite an amazing thing it is too. Networked data centers which negate the need for hard drives and disc drives to a certain extent. Information available 24 hours a day, 7 days a week from any physical location with internet access.

Innovative? Yes. Convenient? Certainly. But how much trust to you put in a system that can be accessed anywhere, and by anyone given the right tools and talent?

People such as Joseph Thomas Colon were able to hack into a secure database (the FBI in this instance.) Is it really such as great idea to keep your files permanently online, transferring them to other servers without considering the security issues?

Before considering putting your information in Cloud storage, consider the levels of control that you will require. The dictionary definition of a security control is thus: ‘ …safeguards or countermeasures to avoid, counteract or minimize security risks.’

Here are 4 examples of such controls:

Deterrent

Ensure the storage has at least some form of warning system that can act as a deterrent to unlawful access.
This is the electronic equivalent of the sign you would put in your window that says “Warning: Guard Dog on Premises.”
Examples of these include:

  • Logon Warning – Ensure that a person is aware of the rights to enter your site or information storage.
  • Creation of appropriate access banner on entry pages
  • A deterrent control tries to stop malicious activity before it even begins.

Preventative

Ensure that any security issues have already been broached. By managing the vulnerable parts of the storage, damage can be limited.

One example of this would be the inclusion of a proxy server.

This can act as a ‘bouncer’ between your information and the person(s) wishing to access it. Requests for your information can pass through this server, reducing the risk of a security breach.

Corrective

These security issues can be resolved after an attack or damage has taken place. Real time security is important.

An example might include the changing of passwords and usernames as soon as you are alerted to the security breach. Another might be a limitation of the time spent on your Cloud storage, to minimize potential breaches.
The downside to corrective controls is that often, a breach must have taken place, allowing you to see where you need to plug the holes as it were, in your system security.

Detective

These controls will detect any unlawful users, slaving itself to the corrective and preventative controls to ensure a minimal amount of damage. This might include a complete listing of possible ‘what if…’ scenarios. Using a plan of development, you can often stop an attack before it begins.

An example might be hiring or yourself trying to unlawfully access your information in an attempt to test the defenses.

Try to keep these four controls in mind when requesting, using or accessing information in Cloud storage. By using one or all of these controls, you can really limit the potential damage that may occur when keeping your sensitive information completely online.

By Susie Francis

This post was written by Susie Francis a content writer for HANDD, the secure file transfer specialists. When Susie isn’t surfing the web and writing great content she likes to build things.

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Red Hat Offers Container Native Persistent Storage for Linux Containers

Red Hat Offers Container Native Persistent Storage for Linux Containers

Red Hat Offers Container Storage Latest Red Hat Gluster Storage release enables greater agility and efficiency for OpenShift developers deploying application containers in production SAN FRANCISCO – RED HAT SUMMIT – June 28, 2016 – Red Hat, Inc. (NYSE: RHT), the world’s leading provider of open source solutions, today announced new storage innovations designed to enable developers to…

Dismissal Of Class Action Lawsuit A Setback For Internet Privacy

Dismissal Of Class Action Lawsuit A Setback For Internet Privacy

A Setback For Internet Privacy On Monday the Third U.S. Circuit Court of Appeals (a federal appeals court) unanimously dismissed a class action lawsuit by parents of children under the age of 13 who had used Nickelodeon’s websites against Google and Viacom (which owns the Nickelodeon websites). This was a result of litigation beginning in…

Controversial Chinese Cybersecurity Law Under Review Again

Controversial Chinese Cybersecurity Law Under Review Again

Cybersecurity Law BEIJING. The National People’s Congress, the equivalence of the Chinese Parliament, moved forward in drafting a second version of a controversial cybersecurity law first introduced almost a year ago. This means the law is thought to be closer to passing and will bring greater censorship for both foreign and domestic citizens and businesses.…

Personal Account of Google CEO Compromised

Personal Account of Google CEO Compromised

Personal Account Compromised The security of our information online, whether it’s our banking details, emails or personal information, is important. Hackers pose a very real threat to our privacy when there are vulnerabilities in the security of the services we use online. It can be worrying then when the CEO of perhaps the largest holder…

How You Can Improve Customer Experience With Fast Data Analytics

How You Can Improve Customer Experience With Fast Data Analytics

Fast Data Analytics In today’s constantly connected world, customers expect more than ever before from the companies they do business with. With the emergence of big data, businesses have been able to better meet and exceed customer expectations thanks to analytics and data science. However, the role of data in your business’ success doesn’t end…

Most Active Internet Of Things Investors In The Last 5 Years

Most Active Internet Of Things Investors In The Last 5 Years

Most Active Internet Of Things Investors A recent BI Intelligence report claimed that the Internet of Things (IoT) is on its way to becoming the largest device market in the world. Quite naturally, such exponential growth of the IoT market has prompted a number of high-profile corporate investors and smart money VCs to bet highly…

The Global Rise of Cloud Computing

The Global Rise of Cloud Computing

The Global Rise of Cloud Computing Despite the rapid growth of cloud computing, the cloud still commands a small portion of overall enterprise IT spending. Estimates I’ve seen put the percentage between 5% and 10% of the slightly more than $2 trillion (not including telco) spent worldwide in 2014 on enterprise IT. Yet growth projections…

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

Why Businesses Need Hybrid Solutions Running a cloud server is no longer the novel trend it once was. Now, the cloud is a necessary data tier that allows employees to access vital company data and maintain productivity from anywhere in the world. But it isn’t a perfect system — security and performance issues can quickly…

Cloud Infographic – Guide To Small Business Cloud Computing

Cloud Infographic – Guide To Small Business Cloud Computing

Small Business Cloud Computing Trepidation is inherently attached to anything that involves change and especially if it involves new technologies. SMBs are incredibly vulnerable to this fear and rightfully so. The wrong security breach can incapacitate a small startup for good whereas larger enterprises can reboot their operations due to the financial stability of shareholders. Gordon Tan contributed an…

Shadow IT To Remain A Focus For Both Cloud Vendors And CIOs

Shadow IT To Remain A Focus For Both Cloud Vendors And CIOs

Shadow IT To Remain A Focus Shadow IT, a phenomenon defined as building internal IT systems without the official organizational approval has been a growing concern for CIOs over the last few years. In 2015, it climbed to the top of the list of the emerging IT threats, with as much as 83% CIOs reporting…

Cloud Computing Offers Key Benefits For Small, Medium Businesses

Cloud Computing Offers Key Benefits For Small, Medium Businesses

Cloud Computing Benefits A growing number of small and medium businesses in the United States rely on as a means of deploying mission-critical software products. Prior to the advent of cloud-based products — software solutions delivered over the Internet – companies were often forced to invest in servers and other products to run software and…

Internet Of Things – Industrial Robots And Virtual Monitoring

Internet Of Things – Industrial Robots And Virtual Monitoring

Internet Of Things – Industrial Robots And Virtual Monitoring One of the hottest topics in Information and Communication Technology (ICT) is the Internet of Things (IOT). According to the report of International Telecommunication Union (2012), “the Internet of things can be perceived as a vision with technological and societal implications. It is considered as a…