Cloud computing marketing can be deceiving. When you see an image of the cloud, it’s often a happy, bubbly, white puffball floating delightfully in front of a blue sky background. Its presence is both calming and reassuring, which makes you believe that anything is possible. Security would never be an issue, right? Ask one of the nearly seven million Dropbox users who had their accounts hacked, and they’ll give you a definitive answer. Sure, not every cloud provider has had security breaches, but that doesn’t mean we can take cloud security lightly. Here’s what you can do to protect yourself as a business owner.
Ask your IT provider what cloud security policies they have in place
This is probably the single most important security measure you can take. Find a trusted IT provider and have a candid conversation with them about their cloud security policies.
Ask about Security Training
The number one point for anything security related is user training. A Smart user is 90% of the way there to protecting themselves. You can have all the browser extensions and ad blockers you want but if the plugins are out of date or compromised it might make things worse. The content of this document, and all the other emails and blog entries you send out are helping to Train the user. A Smart user will understand why and how to use the technology to help protect themselves and the company.
Ask where the physical cloud servers are located
When you have “the conversation,” don’t forget to ask about this. Believe it or not, some cloud servers may not even be located in your own country. Wherever they are, it’s wise to make sure they’re located in a safe data center with proper security afforded to them. Otherwise depending on your type of business you may be out of compliance with regulations such as Sarbanes-Oxley.Create unique usernames and passwords
Your login credentials represent one of the cloud’s main security vulnerabilities. Think of a better password than “12345” or “football.”
Use industry standard encryption and authentication protocols
AES (Advanced Encryption Standard), IPsec (Internet Protocol Security) and EAP (Extensible Authentication Protocol) are reliable technologies. IPsec is primarily used for a secure VPN connection.
Encrypt data before it’s uploaded to the cloud
Encryption is a must, and can be done by you or your cloud service provider. Should hackers manage to access your data, they’ll find it useless because they can’t make heads or tails of it.
When it comes to trusting the security protocol of a cloud service provider, transparency is key. They should take security seriously, be able to explain their security policies clearly, and be willing to answer any questions. If they can’t do one of these, that’s a red flag telling you to find another vendor.
Are you ready to talk cloud security and transition your business into the cloud? Call us today at 800-421-7151. We’re happy to answer all your questions.