5 Ways to Protect Your Data in the Cloud
Although storing business data in the cloud is a relatively safe practice, law firms and small businesses especially should not become complacent and assume everything is secure. Here are five things you can do to help keep your business’s data safe in the cloud.
Cloud computing is now the norm — 95 percent of businesses worldwide are using at least one cloud service. While there are many services that fall under cloud computing, businesses often use the cloud to store data. Although security experts note that storing data in the cloud is a relatively safe practice, businesses should still take certain measures to protect their files.
Here are five things you can do to help keep your business’s data safe in the cloud:
1. Review Your Cloud Service Provider’s Security Policy
Most cloud service providers explain their data security systems and methods in detail in their security policies. You need to review your provider’s policy (or the policy of any provider you are considering), looking for key items such as:
- How frequently your data is being backed up
- Where the backup files are stored
- Whether your data is encrypted when it is being stored
- Which cloud storage facility employees have access to your data
The best cloud service providers are audited, certified, or both, by independent agencies. These credentials ensure that their security policies are up to standard. If a provider lacks these credentials or you are uncomfortable with how your data is being handled, you might want to find another provider.
2. Protect Your Account with a Strong, Unique Password
An essential element in keeping your data secure in the cloud is to use a strong password for your account. The newest standard and best practice is actually using a passphrase made up of 4 words rather than a password, with uppercase and lowercase letters. It also needs to contain numbers that are not in a predictable pattern (e.g., 5678). If possible, include special characters, such as a question mark or ampersand.
Equally important, the password must be unique. Cybercriminals know that people reuse passwords, so once they obtain a password for one account, they will try it for other online accounts.
If your cloud service provider offers two-step verification (also known as two-factor authentication), consider taking advantage of it. Two-step verification provides an additional layer of security to prevent unauthorized access to your account.
3. Make Sure Your Cloud Service Provider Is Using an Encrypted Connection
All data that you upload to or download from the cloud passes over the Internet. Thus, you need to make sure your connection to the cloud service provider is encrypted so that your data will be protected in case a cybercriminal intercepts it. An easy way to see if a connection is encrypted is to look for a small lock icon either to the left or right of the URL in your web browser’s address bar. If you do not see this lock icon when you connect to your cloud service provider, it is time to find another provider.
4. Create Your Own Backup Files
Your cloud service provider is likely backing up your data (and the data of all its other clients) as part of its security measures. However, no backup system is foolproof. A backup file might become corrupted, for example. Thus, you should periodically back up your data as well. One way to do this is to download the data from the cloud to your computer, which you can then back up in the same way you would back up any other data on it. Having your own backup files provides you with an extra layer of protection.
5. Train Your Staff
Employees who access your cloud service play an important role in protecting your data in the cloud. To fully understand that role, they need to know what a cloud service is, how it operates, and their responsibilities in keeping the data secure. The importance of good security habits also needs to be discussed during employee training. For example, they need to know why reusing passwords is dangerous.