Four Tips For Securing Your Data In The Cloud
Moving part of your business’s operations to the cloud offers you a number of advantages, including more flexibility and mobility. It does introduce a few challenges related to security, however. Since employees are able to access more from more places, that means the possibility of criminals accessing important data increases. Another possibility is a crippling denial of service attack that makes any applications or data stored in the cloud unreachable. That’s what happened recently to a company hosted in Amazon’s Web Service Cloud. That attack prompted Tech World’s Brandon Butler to publish a list of tips for protecting any infrastructure as a service cloud.
- Two-Factor Authentication
The primary worry when data is available from anywhere is that log in credentials will be stolen or hacked allowing a third-party to access everything stored in the cloud. To prevent this from occurring, two-factor authentication is extremely useful. Rather than a simple log-in name and password, two-factor authentication requires a unique PIN for a user to log-in from an unrecognized device. This PIN is often sent to the user’s registered phone via text message. If an unrecognized device tries to log-in to the cloud, even with a recognized username and password, a PIN will be required, which should keep attackers out.
- Monitor Activity
One of the keys to spotting a developing problem with the cloud is closely monitoring regular activity. You need to know what behaviors are normal so you can spot irregular or suspicious activity and investigate before any real problems develop. There are a number of tools available to help monitor activity like when and where users log in from. Keeping a close eye on these reports allows you to see when unknown IP addresses are attempting to gain access.
Unfortunately, no security tool can guarantee that no criminal will ever gain access to your data. In the event someone does gain access to the cloud, it’s important to have encryption in place so important data isn’t readily available to them. It’s also important to understand that not all encryption is created equal. While some is useful to protect your data in the event of a large scale attack against the whole system, that same encryption likely wouldn’t be effective should an individual user’s account be compromised.
As with anything else, if it’s important, it’s important enough to make copies. Making back-ups doesn’t improve security or protect you from an attack. It does, however, make attacks much less costly because recovery times are much shorter and much less data is completely lost. Some cloud services automatically back-up data stored there, but not all do. It’s important to know if your data is being backed up, or if you need to make arrangements yourself. You’ll also need to decide if everything stored in the cloud needs to be backed up regularly, or if there is specific, vital data that needs the most attention.
The cloud is becoming an invaluable tool for business and securing it properly is vital to the success of your operations.
For help implementing and securing the cloud, call Geek Rescue at 918-369-4335.June 24th, 2014