As cloud computing and secure cloud projects continue to grow in popularity in 2013 and beyond, the importance of basic data security is coming back to the forefront. Adding a third party into a company’s data and application storage and access systems can introduce new security risks. However, as long as the connection between the company, the user, and the cloud is secure, businesses can leverage the benefits of the cloud with little or no additional risk. Getting these five basics correct can make the difference between a successful cloud project and suffering millions of dollars of losses due to data loss or interception:
- Establishing Secure Passwords. Ultimately, a company’s cloud data and applications are only as safe as the passwords that protect them. One user with a password like “abc123” can compromise the entire network’s security. Access to main servers and to cloud administration accounts should be limited to only the most essential employees, and every employee should be trained on password security for their personal accounts.
- Adding Second-Level Security. If a company’s system supports it, adding a second level of security, such as a biometric check or a key token, helps provide an additional level of protection. This additional security frequently carries additional complexity, though, and that can confuse users. As such, implementing this additional measure requires both testing to find a suitable one and training for end users.
- Maintaining Data Encryption. Even if encryption is imperfect, it is still a useful tool to dissuade casual criminals from stealing company data over cloud connections. Setting up a system with strong encryption also sends a message to users that the company takes security seriously; it may not only help with acceptance of the cloud technology, but it also may improve compliance with strong security policies.
- Creating Comprehensive Logs. Done right, cloud computing is easier for users but harder on servers and server administrators. Setting cloud servers to log as much data as possible–and as frequently as possible– gives the IT management team the information that it needs to fix any issues that may arise.
- Local Data Security. When cloud connections put more data on the Internet, they also increase the amount of data that transfers from a company’s office to the Internet. As such, all of the same local data security measures, such as firewalls, that were important pre-cloud become even more important in installations that are heavily cloud-based.