data-security

Data Security In The Cloud: Solutions For Consumers And SMBs

Data Security in the Cloud

A recent small business cloud computing survey from Microsoft found that a chief concern of potential SMB cloud customers is the security and privacy of their data. A full 70% of small businesses are concerned about where their data is stored. Just over half of all SMBs cite data privacy as a potential deal breaker for adopting cloud services. And only 36% of businesses think their data is as or more secure in the cloud than their current on premises solution.

Most data security and privacy concerns revolve around four general scenarios:

  1. Hackers compromising data center servers that contain customer or proprietary information.
  2. Hackers “sniffing” improperly secured network traffic.
  3. Data center employees accessing (and possibly sharing) confidential information, especially within a corporate espionage or financial cyber crime context.
  4. Employees losing improperly secured laptops or mobile devices with saved credentials for accessing cloud services.

Thankfully, simple and relatively inexpensive solutions exist for all of these concerns.

Local Data Encryption: Most cloud storage services offer end-to-end data encryption as a standard feature. Unfortunately, relying on a storage provider’s encryption could still leaves data vulnerable to data center employees or hackers who directly compromise the data center’s servers. The simplest method for cloud storage customers to ensure data security is locally encrypting files before uploading them to the cloud. Programs like BoxCryptor allow one-click encryption of individual files or folders.

Encrypted Backup Services: For customers who rely on the cloud for automated backup (without the hassle of individually encrypting files) a third party backup tool can provide an additional layer of security. For example, Duplicati will locally pre-encrypt all designated files using a single user-provided encryption key before automatically archiving and uploading data to a cloud storage provider of the customer’s choice.

Email Encryption: Companies that share confidential information via email should seriously consider PGP for Outlook or GnuPG for Thunderbird. These products encrypt individual email messages using 256-bit AES encryption. Users who prefer webmail can also use FireGPG for Mozilla Firefox to encrypt their email. Email messages encrypted with PGP or GnuPG require that message recipients know the sender’s unique encryption key to decrypt and read the contents of a message.

Third Party Services and Appliances: An entire industry has sprung up around data security in the cloud. Porticor is an example of one such company. The Israeli startup combines a virtual cloud appliance and key management service to securely encrypt data stored in the cloud for Microsoft and VMware cloud applications. Porticor enables companies to run applications in the cloud while keeping their data encrypted.

A number of third party apps, such as Lookout Mobile Security, also exist for locking or wiping mobile devices that may contain saved credentials for cloud services.

HTTPS vs. HTTP Web Services: Many websites offer both HTTP and HTTPS versions of their apps. HTTPS combines the standard HTTP web protocol with the SSL/TLS encryption protocol to provide secure end-to-end data transfer over the Internet. Users concerned with data security should select services which offer the much more secure HTTPS protocol.

When properly deployed, most of these solutions are all but foolproof, but they do require both employee training and commitment. For such security measures to be effective, businesses must invest time and effort into communicating the importance of data security and reinforcing standard security routines.

By Joseph Walker

CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as technology related infographics and comics.

Contact us for more information on how to get involved in our content related services and placement programs.

CONTRIBUTORS

The Rise Of BI Data And How To Use It Effectively

The Rise Of BI Data And How To Use It Effectively

The Rise of BI Data Every few years, a new concept or technological development is introduced that drastically improves the ...
The 800-Pound Cloud Gorilla Makes a Move

The 800-Pound Cloud Gorilla Makes a Move

Amazon Connect Oh-oh! First, books; then all of retail and cloud services. Now, call centers??? What is Amazon up to? ...
The Security of Cloud-Based Software and Client Communication

The Security of Cloud-Based Software and Client Communication

Cloud-Based Software Security The fear of not having a secure cloud-based software should far outweigh the fear of switching to a ...
Why ‘Data Hoarding’ Increases Cybersecurity Risk

Why ‘Data Hoarding’ Increases Cybersecurity Risk

Data Hoarding The proliferation of data and constant growth of content saved on premise, in cloud storage, or a non-integrated ...
The Need For Planning In The Drone World

The Need For Planning In The Drone World

The Drone Highway Do we need to plan the sky? Given the current state of drones that seems a bit ...
5 Simple Tips to Make Strong and Robust Business Continuity Plans

5 Simple Tips to Make Strong and Robust Business Continuity Plans

Business Continuity Plans Today’s organizations need comprehensive and robust business continuity planning for swift and effective action in case of ...
How To Humanize Your Data (And Why You Need To)

How To Humanize Your Data (And Why You Need To)

How To Humanize Your Data The modern enterprise is digital. It relies on accurate and timely data to support the ...
Critical Success Factors when shifting Workloads into the Cloud

Critical Success Factors when shifting Workloads into the Cloud

Shifting Workloads into the Cloud By 2020, 92 percent of all workloads will reside in the cloud. Yet challenges remain ...

NEWS

Rackspace Announces Completion of Datapipe Acquisition

Rackspace Announces Completion of Datapipe Acquisition

Strengthens Commitment to Become the Global Leader in IT as a Service SAN ANTONIO, TX--(Marketwired - November 16, 2017) - Rackspace® ...
One of Sweden's Largest Banks Selects OpenStack Cloud Provider 'City Network'

One of Sweden’s Largest Banks Selects OpenStack Cloud Provider ‘City Network’

SBAB Selects OpenStack Cloud Provider 'City Network' City Network, a leading global supplier of IT infrastructure as a service (IaaS) ...
Cisco Survey Indicates Adding a Virtual Assistant May Be the Key to Happiness at Work

Cisco Survey Indicates Adding a Virtual Assistant May Be the Key to Happiness at Work

Virtual Assistant May Be the Key to Happiness at Work SAN JOSE, CA--(Marketwired - Nov 14, 2017) -  A Cisco ...