Alexander Negrash

Is Your Data Safe In The Cloud?

Cloud Data Safety

This year has certainly been troublesome for businesses when it comes to data security. Numerous cyber attacks have plagued the normal business continuity, thereby triggering an outflow of customers on one hand, and potential legal implications on the other. Ransomware and data leaks are just a few examples of various threats that can unexpectedly throw your corporate workflow off balance, which is unquestionably inadmissible for any organization. With that in mind, let’s see how you can protect your business.

Ransomware

Ransomware is a type of malware that overtakes a computer and threatens to publish or wipe out the information on the computer unless a ransom is paid. We’ve witnessed a couple of them not long ago. Namely, the infamous WannaCry attack struck in may and was estimated to affect around 200’000 computers, halting production of Honda cars and disrupting national hospitals in England. The economic impact of the attack lies in the range of $200 million and $4 billion. Needless to say, a lot of sensitive data was permanently lost; however, that could’ve been avoided if certain preventive measures had been taken. Hindsight is twenty-twenty, and yet it is crucial to reiterate that all of the critical data must be regularly backed up. That way even if you get struck by ransomware, you’ll be able to just erase the storage device that contains your operating system, data, and the ransomware. The final step would be to restore the backed up data and carry on with the business.

Designing backup strategies

A general rule of thumb when designing sensible backup strategies is that files should be backed up to at least one cloud and one local destination. That way no unexpected accident would catch you off guard. If the cloud storage experiences an on-site failure — that’s okay, you have a local backup at hand. Similarly, a local storage malfunction will not affect your data integrity, as you have a cloud storage accessible from anywhere.  Cloud backups are particularly expedient in the event of a crisis that requires you to relocate elsewhere — merely having the Internet connection will allow you to continue the business as usual. Actively fighting ransomware by employing antivirus software is on the one hand recommended, but on the other hand questionable, as the effectiveness of this approach is hardly predictable or consistent. The passive approach of dealing with ransomware by regularly backing up data is naturally preferable because your data remains secure and intact regardless of the damage inflicted by the ransomware.

It’s not just the backup itself that matters, the data must also be encrypted. Needless to say, some types of software seek not only to delete your data, but also to access it and send it to the criminals for various reasons. You therefore need to ensure that even if your data were stolen, it would not be readable by third parties. That’s where 256-bit encryption steps in, providing you military-grade protection for your most sensitive data. Most backup solutions on the market offer built-in encryption, so next time you backup your data — make sure it’s properly encrypted.

Last but not least are the so-called lifecycle policies. Not only do you need to backup your data to the cloud, it’s also crucial to determine the time frame in which it’s going to be stored there and the storage class that best suits your requirements. For instance, it makes sense to back up rarely-accessed files to a low-cost Amazon Glacier, while oft-accessed files should by design be stored under S3. These storage classes are flexible and enable you to move files between them as you see fit. Let’s suppose that you’re backing up some company reports that you know might be necessary within the next 30 days, but afterward will likely be useless, but you still need to store them so your audit inspector is happy. In this scenario you can set up a lifecycle policy that stores you backed up data for 30 days under S3, and thereafter automatically transfers it to Glacier for long-term archiving. That way you can meticulously configure your storage and lifecycle policies that reflect your backup requirements and expenditure expectations.

Data breaches

Cloud data

While people expect various cyber attacks to come their way, the majority almost always think that the giants like Amazon have no weaknesses. The truth of the matter though is that your data is never secure regardless of where you store it. Let us mention just a few instances wherein cloud data stored on Amazon S3 was leaked due to misconfiguration of AWS security policies:

1) Dow Jones, the world's leading financial information agency, was affected by an Amazon Web Services (AWS) cloud data leakage because of user error and wrong bucket access restriction configuration. Names, email addresses and financial information of about 2 million customers were exposed.

2) NICE Systems, a third-party vendor for Verizon, misconfigured cloud-based file repository, exposed the names, addresses, account details, and account PINs of 14 millions Verizon customers. The Amazon S3 data repository was configured to allow public access to call logs which included the above-mentioned data.

3) Republican National Committee (RNC) voter database was left exposed to any unauthorized user. As it was later discovered, this happened due to misconfigured AWS security policies.

These events clearly demonstrate that your data is at risk while being both on your local storage and on the cloud storage. There’s always room for human error and data leaks, so it is only fitting to assume that your data can always and everywhere be corrupted and leaked. If you’ve prepared for the worst, nothing and nobody can access or delete your data — and that’s what you should be aiming at.

It is recommended to do the following things to ensure that your data is safe in the cloud:

1) Check your security policies in the cloud. All of the aforementioned security leaks have one trait in common: they all stem from the improper use of AWS security configurations. So if you have a number of employees all backing up their data to AWS, ensure that they only have the required permissions within the cloud. Elsewise, they might end up sharing the data with the rest of the world, to put it mildly.

2) Encrypt files with your own password. Many people rely on Amazon’s proprietary server-side encryption to store their data securely. Yet this option is hardly gonna protect your data in case your AWS credentials are compromised, as Amazon will immediately decrypt the data upon a request sent using the said credentials. That’s why it is advisable to upload already encrypted files to the cloud, so that even a leak will make it impossible to decipher your data. Most backup solutions on the market already employ 256-bit encryption for backups, thereby ensuring that any damage stemming from mishandled AWS security policies will be contained. Similarly, you can outright encrypt files using built-in utilities; for instance, MacOS has a built-in openssl encryptor that can be invoked from the terminal.

Conclusion

So these are just a few tips to ensure that your data remains ever secure, intact, and replicated all of the time. Employing the aforementioned tactics will ensure that your business carries on regardless of the emerging crises, avoiding customers and revenue loss. It goes without saying that the cloud is slowly but surely becoming the new normal, and that means countless new opportunities and sadly exposure to new security risks. We suggest you embrace the new status quo, take preventive measures, and hopefully your cloud backup experience will be tranquil and robust.

By Alexander Negrash

Alexander Negrash

Alexander Negrash is the director of marketing at CloudBerry Lab, a provider of backup and management solutions for public cloud storage.

View Website
Countdown to GDPR: Preparing for Global Data Privacy Reform

Countdown to GDPR: Preparing for Global Data Privacy Reform

Preparing for Global Data Privacy Reform Multinational businesses who aren’t up to speed on the regulatory requirements of the European Union’s General Data Protection Regulation (GDPR) are in for a rude awakening when 2018 rolls ...
The Cloudification of Healthcare: Benefits and Risks

The Cloudification of Healthcare: Benefits and Risks

Cloud Healthcare: Benefits and Risks Many organizations are moving most of their business-critical applications and workloads to the cloud. The healthcare industry is no exception – hospitals, payers and other organizations also are making moves ...
Using Cloud Analytics To Improve Customer Experience

Using Cloud Analytics To Improve Customer Experience

Evolution of Cloud Analytics Moving data to the cloud, once considered a strenuous task, has now become commonplace in most industries. Originally, this migration started as organizations looked to speed up the time needed to ...
Cloud Services Are Vulnerable Without End-To-End Encryption

Cloud Services Are Vulnerable Without End-To-End Encryption

End-To-End Encryption The growth of cloud services has been one of the most disruptive phenomena of the Internet era.  However, even the most popular cloud services (including Yahoo, Gmail, Microsoft Outlook 365, and Dropbox) are ...
The Unintended – and Intended – Consequences of Cloud Data Sovereignty

The Unintended – and Intended – Consequences of Cloud Data Sovereignty

Cloud Data Sovereignty It seems that everything has unintended consequences – whether positive or negative. Intended consequences are those that are chosen. Unintended consequences are forced upon us. The consequences surrounding data sovereignty regulations are ...
The Lighter Side Of The Cloud - The Robo-Revolution
The Lighter Side Of The Cloud - Fear Of Heights
The Lighter Side Of The Cloud - F96qL#5
The Lighter Side Of The Cloud - Snowball Effect
The Ligther Side Of The Cloud - Speed Browsing
The Lighter Side Of The Cloud - Low Tech
Comic
The Lighter Side Of The Cloud - The Money Grab
The Lighter Side Of The Cloud - Checking It Twice

CLOUDBUZZ NEWS

Sumo Logic and Partners to Host NYC DevOps Event with Dr. Nicole Forsgren

Sumo Logic and Partners to Host NYC DevOps Event with Dr. Nicole Forsgren

REDWOOD CITY, Calif., May 17, 2018 (GLOBE NEWSWIRE) -- Sumo Logic, the leading cloud-native, machine data analytics platform that delivers continuous intelligence, today announced it is hosting a DevOps industry event at the Eventi Hotel in New ...
Artificial Intelligence to Add US$182 Billion to UAE Economy by 2035, Accenture Research Shows

Artificial Intelligence to Add US$182 Billion to UAE Economy by 2035, Accenture Research Shows

Financial services, healthcare, and transport and storage industries likely to see the biggest gains DUBAI, United Arab Emirates; May 21, 2018 – Artificial intelligence (AI) has the potential to boost economic growth in the United ...
Facebook Joins FIDO Alliance Board of Directors

Facebook Joins FIDO Alliance Board of Directors

Aligns with other leading global technology, financial services and e-commerce companies in effort to reduce world’s reliance on passwords MOUNTAIN VIEW, Calif., May 15, 2018 (GLOBE NEWSWIRE) -- The FIDO Alliance announced today that Facebook has been appointed ...