3 Ways a Cloud Computing Provider is More Secure Than In-House IT
This guest article is written by Margaret Dawson, VP of Marketing at Symform, and is the tenth in a series of IT experts, executives, attorneys and IT consultants who share their expertise on how small and midsized organizations can successfully transition to a cloud computing provider.
New research seems to come out every day touting fears companies have around putting their data in the cloud. Those hesitant to move to the “cloud” quote security issues and concerns that someone could easily hack into their data or that their data could be lost completely. I was recently in Vancouver BC for a Cloud Camp where this was the number one reason people attending were not yet fully utilizing cloud computing.
1. You’re already using the cloud
It’s time to break out the hype from reality when it comes to the cloud. First, most of us have been using the cloud for years, only we didn’t call it that. The “cloud” in simple terms is a solution built on an Internet backbone, so if you’ve been using Gmail, Yahoo email, Skype or other related services, you are already putting your information and personal communication in the cloud.
2. Employee error is a greater security risk
The greatest data losses reported over the past few years have not been caused by Internet hacks but rather by employee mistakes, such as someone losing a laptop loaded with data. Earlier this month, for example, a New Jersey based college admitted that a lost laptop included sensitive student data includes names and social security numbers. And in Sacramento, CA, a stolen computer contained information on more than 4 million patients of a major Northern California health care provider – noted as perhaps the largest breach of health care data in recent years, but it's far from the only incident of its kind. These are just two examples reported in the past month.
3. Cloud computing providers already have strict security controls in place
The reality is that cloud computing providers are doing this as their sole focus and business, which means there is a much higher chance that your public cloud provider is going to utilize industry best practices, defense in depth security. The best cloud vendors incorporate security measures across the application, infrastructure and personnel layers, such as using military grade encryption and strong access control rules. They should also be running background checks on all employees. What’s more, you can choose to work with vendors that make the investment to become certified in such mandates as PCI DSS or SSAE 16 (formerly SAS 70), further proving their operational controls and security measures.
No software or solution is 100% secure; however, I assert that your data is safer in the cloud than in your local server, laptop or data center. Best practices for data security include a layered approach, where you backup all data to a local or onsite storage, with encryption, access controls, and other security measures, and then do a secondary backup to a cloud-based solution. This not only provides security but ensures an ability to obtain your critical business data for disaster recovery.
Serious about cloud computing, but not sure where to start? Register for a free webinar "5 Steps to Understanding & Implementing Cloud Computing”
