RANSOMWARE TRACKING MAPS

Recent problems experienced with Ransomware are evident from infections, which have occurred in 99 countries including China and Russia. The organization that was worst hit by the attack was the National Health Service in England. It was reported that there was a WannaCry programme that demanded...

Security for the Cloud: Data Integrity, Data Resilience and Data Security

Data Integrity, Data Resilience and Data Security

Given the recent rise in popularity of cloud-based solutions, it is not surprising that there is a concern in the minds of many people regarding the security of their data.

This is safeguarding the data against:

  • Unauthorized access
  • Data corruption or loss
  • Hardware failure

In reality, you will use much of the same precautions for cloud-based solutions as you would for a solution running in a corporate datacentre.

Data Integrity



When you are running an application on a server, you normally configure a suitable backup routine so that it is safe in the event of a data-loss incident. It does not matter if this is a corrupt entry in a database file, deletion of user data or even a more disastrous data loss due to a fire or theft.  Usually, the data will backup to portable media on a regular basis which will then be stored in an off-site location.

If you migrate an application to a cloud-based provider, it is important to consider how to backup the data. This can be to traditional backup media which will need storing off-site, or you can take advantage of the physically-diverse locations to store the backups in a completely different place. Your backup schedule and how long backups are kept will be a trade-off between the critical of the data and any legislative requirements against the associated costs.

Another important aspect to consider is the testing of the backup process. For an important system, you should aim to run a disaster recovery test on a regular basis. For this, you should aim to restore a fully working copy of your system from a recent backup. Luckily with a cloud solution, this process can occur a lot quicker than it would in a traditional datacentre environment.

Data Resilience

For a local system, you might look into using multiple resilient servers configured as part of a cluster. With modern clustering technology these can be locating in physically diverse datacentres. If you lose a server, or even a datacentre, the entire system will fail over to the other servers and the users will hardly notice a thing.

With a cloud-based application, this resilience is automatically built-in. By hosting your application on the cloud it is completely unaffected by the loss of a physical device or location.

Data Security

Data security is a hot-topic at the moment. Any unauthorized access can result in embarrassment for your business and even loss of money though theft. As always when it comes to security, limit access only to those people that specifically need access to the data or application. One of the worst mistakes that you can make is to relax access to your data and allow too many people in. It is also good practice to check the access on a regular basis and remove any users who no longer need access to the data.

You should always check with your hosting company that their servers and applications have a regular patch schedule to ensure that any discovered security flaws in the software are fixed. This is particularly important when your application runs on a Windows platform.

Even with the best policies and technical experts, there are still security holes that can slip through the gap. A regular security audit and penetration test will help to find and fill any of these holes, before the hackers do.

The principles behind data security in a cloud-based environment are no different from any other kind of hosting. Make sure that you set up you procedures correctly from the outset and perform regular audits of these procedures and will have covered yourself as much as you possible can.

Image Source: Evron

By Dave Schofield

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as technology related infographics and comics.

SYNDICATED NEWS SOURCES

Hack of U.S. securities regulator rattles investors, stirs doubts

By CloudBuzz | September 21, 2017

WASHINGTON/NEW YORK (Reuters) – Wall Street’s top regulator faced questions on Thursday about its defenses against cyber criminals after admitting hackers breached its electronic database of corporate announcements and may have used it for insider trading. The incursion at the…

Leaking Cloud Databases and Servers Expose Over 1 Billion Records

By CloudBuzz | September 21, 2017

Servers Expose Over 1 Billion Records As The Wall Street Journal recently pointed out, some clients of cloud service providers such as Amazon and Microsoft are accidentally leaving their cloud databases exposed due to misconfigurations of their services. Coupled with recent headline-making…

Thales Joins the Microsoft Enterprise Cloud Alliance

By CloudBuzz | September 21, 2017

SAN JOSE, Calif., Sept. 21, 2017 /PRNewswire/ — Thales, a leader in critical information systems, cybersecurity and data security, is now a member of the Microsoft Enterprise Cloud Alliance (ECA). Designed to foster innovation and promote awareness of partner solutions, the ECA membership…

Addressing the UK NCSC’s Cloud Security Principles

By CloudBuzz | September 20, 2017

As your organization adopts more cloud services, it’s essential to get a clear picture of how sensitive data will be protected. Many authorities, from government regulators, to industry standards bodies and consortia, have provided guidance on how to evaluate cloud…

RiskVision Named 2017 Cybersecurity Breakthrough Awards Winner

By CloudBuzz | September 20, 2017

RiskVision Named 2017 Cybersecurity Breakthrough Awards Winner for Enterprise Risk Management (ERM) Software of the Year SUNNYVALE, CA–(Marketwired – Sep 20, 2017) – RiskVision, the enterprise risk intelligence company formerly known as Agiliance, today announced that the RiskVision platform has…

Amazon working on ‘smart glasses’ as its first wearable device: FT

By CloudBuzz | September 20, 2017

(Reuters) – Amazon.com Inc is working on its first wearable device – a pair of ‘smart glasses’, the Financial Times reported on Wednesday. The device, designed like a regular pair of spectacles, will allow Amazon’s digital assistant Alexa to be…