Data Storage Security
The use of cloud storage is on the increase. However, SMBs are still suspicious about it. Actually, 61% of SMBs believe their data in unsafe in the cloud. Why are those perceptions still present? And what can be done about it?
SMBs believe their data in unsafe in the cloud
The cloud brings many benefits to organizations, but it also comes with a number of risks. SMBs think it’s risky to trust a third party with your valuable data because you’re not in control of it anymore.
The first risk is that unauthorised access is harder to detect. With data stored on premise, there is a need to be physically present in the office to access these files so it creates a natural boundary against unauthorized access from outside the organization. Plus, IT can restrict access to specific devices only. With cloud-based storage, data can be accessed from anywhere in the world and on any device, which increases significantly the chance of unauthorised access.
The second risk is that data theft from leaving employees is harder to stop or prevent. For the exact same reasons, it is much easier to spot an employee stealing valuable information when it’s stored on the physical desktop computer. Cloud storage makes it very easy for leaving employees to steal data before they go.
The third risk is that hybrid storage environment is difficult to manage. There is no doubt that using a mixture of on premise and cloud storage increases productivity. However, it also makes managing the security of the data stored across multiple environments very challenging. According to recent research, 56% of SMBs say that it’s difficult managing the security of data living in hybrid infrastructures.
The current attitude towards Cloud Storage needs to change
Many organisations consider their own data to be more valuable than that of their clients, according to the same research. This is pretty worrying considering third-party and insider breaches are increasing.
This mentality will worry those that operate with large and complex supply chains given the lack of control over data security once it lives on third-party systems. Moreover, like we said before, many organisations are using a mixture of on-premises and cloud storage systems, and they are struggling to manage the security of data — either their clients’ or their own.
In addition, 45% of organisations said that moving to the cloud has damaged their security and 59% believe that the native security controls of common cloud storage providers are not strong enough to protect data. Despite that, 90% are simply relying on the native security of whichever cloud storage provider they’re using and only 10% are using third party cloud file monitoring tool to prevent unauthorised access to sensitive files.
There clearly needs to be a more efficient way to ensure that data in the cloud remains safe. Moving to the cloud does not diminish an organisation’s need to secure access to and usage of file data.
What to do about it?
The mentality of ‘my data is more important than yours’ needs to change. Many organisations share a huge amount of sensitive data with their clients over email and via the cloud — and with supply chain attacks on the rise, all it takes is one mishap from one supplier to compromise your data. Many organisations consider the cybersecurity of their partners before choosing to work with them. Therefore, it’s vital that organisations can demonstrate that they can keep their clients’ data safe.
The most effective way to ensure that your data is protected whether it’s in the cloud or on a mixture of on-premise and cloud, is to invest in technology that proactively tracks, audits and reports on all access to files and folders and alerts you in real-time and alert IT teams to suspicious file activity the moment it occurs.
If you have a solution in place that provides a consistent view of the security of your data across all your storage servers — whether on-premises or on a third-party cloud system — you can rest assured that if someone other than an authorized employee attempts to access your data, you’ll be the first to know about it and therefore, be able to do something about it.
By François Amigorena