SMB’s perceptions of Cloud Storage Security

Data Storage Security

The use of cloud storage is on the increase. However, SMBs are still suspicious about it. Actually, 61% of SMBs believe their data in unsafe in the cloud. Why are those perceptions still present? And what can be done about it?

SMBs believe their data in unsafe in the cloud

The cloud brings many benefits to organizations, but it also comes with a number of risks. SMBs think it’s risky to trust a third party with your valuable data because you’re not in control of it anymore.

The first risk is that unauthorised access is harder to detect. With data stored on premise, there is a need to be physically present in the office to access these files so it creates a natural boundary against unauthorized access from outside the organization. Plus, IT can restrict access to specific devices only. With cloud-based storage, data can be accessed from anywhere in the world and on any device, which increases significantly the chance of unauthorised access.

The second risk is that data theft from leaving employees is harder to stop or prevent. For the exact same reasons, it is much easier to spot an employee stealing valuable information when it’s stored on the physical desktop computer. Cloud storage makes it very easy for leaving employees to steal data before they go.

The third risk is that hybrid storage environment is difficult to manage. There is no doubt that using a mixture of on premise and cloud storage increases productivity. However, it also makes managing the security of the data stored across multiple environments very challenging. According to recent research, 56% of SMBs say that it’s difficult managing the security of data living in hybrid infrastructures.

The current attitude towards Cloud Storage needs to change

Many organisations consider their own data to be more valuable than that of their clients, according to the same research. This is pretty worrying considering third-party and insider breaches are increasing.

This mentality will worry those that operate with large and complex supply chains given the lack of control over data security once it lives on third-party systems. Moreover, like we said before, many organisations are using a mixture of On-Premises and cloud storage systems, and they are struggling to manage the security of data — either their clients’ or their own.

In addition, 45% of organisations said that moving to the cloud has damaged their security and 59% believe that the native security controls of common cloud storage providers are not strong enough to protect data. Despite that, 90% are simply relying on the native security of whichever cloud storage provider they’re using and only 10% are using third party cloud file monitoring tool to prevent unauthorised access to sensitive files.

There clearly needs to be a more efficient way to ensure that data in the cloud remains safe. Moving to the cloud does not diminish an organisation’s need to secure access to and usage of file data.

What to do about it?

The mentality of ‘my data is more important than yours’ needs to change. Many organisations share a huge amount of sensitive data with their clients over email and via the cloud — and with supply chain attacks on the rise, all it takes is one mishap from one supplier to compromise your data. Many organisations consider the cybersecurity of their partners before choosing to work with them. Therefore, it’s vital that organisations can demonstrate that they can keep their clients’ data safe.

The most effective way to ensure that your data is protected whether it’s in the cloud or on a mixture of on-premise and cloud, is to invest in technology that proactively tracks, audits and reports on all access to files and folders and alerts you in real-time and alert IT teams to suspicious file activity the moment it occurs.

If you have a solution in place that provides a consistent view of the security of your data across all your storage servers — whether on-premises or on a third-party cloud system — you can rest assured that if someone other than an authorized employee attempts to access your data, you’ll be the first to know about it and therefore, be able to do something about it.

By François Amigorena

Data Fallout.png
Viral Infection Wearabletech
The Sticky Note.png
Recovery Experts.png
Rajesh Khanna
Implement Hyperautomation to Scale Automation Programs by 3X Most Digital Service Providers (DSPs) struggle to accelerate their path to Hyperautomation due to the complex processes with legacy systems and applications. Although Robotic Process Automation (RPA) plays a ...
Louis
Manufacturers’ Top Demands For Quality Software Competing on product quality has never been more urgent as rising raw material and component costs continue to squeeze manufacturers’ margins. At the same time, unpredictable supply chains make ...
Shared vs dedicated
Shared Server and a Dedicated Server A customer-facing Internet presence is just about mandatory for modern businesses. Websites are essential instruments for companies venturing into the eCommerce space or simply wishing to provide customers with ...
Shireesh Thota
Here’s How to Position Your Organization for the Era of Data Intensity We live in a data-intensive era. Data is booming. Companies are realizing that data is one of the most important assets and they ...
What is Microservices in DevOps?
What Is The Role of Microservices in DevOps? The modern business landscape is constantly evolving, and so are the user requirements that come with it. What worked yesterday may not work tomorrow, and service providers ...
  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.