Simply Security - News, Views, and Opinions from Trend Micro

Posted on August 7th, 2012 in Internet Safety by Simply Security | Be the first to comment | Tags: Internet Safety

Successful cloud deployment can mean an overhaul of an entire existing system, including purchasing new software, training employees and working out security guidelines to fit the new program.

Successful cloud deployment can mean an overhaul of an entire existing system, including purchasing new software, training employees and working out security guidelines to fit the new program. It's this fear of data protection shortcomigs in the cloud that has many Canadian businesses avoiding the technology, despite the benefits others have seen after implementation.

"Many larger Canadian organizations miss the opportunity to exploit the benefits of cloud because they fixate on security," said IDC's David Senf in an interview with the Sacramento Bee. "Security is critically important, and in fact, is one of the many pillars of cloud success."

The Bee recently published the results of a TELUS study conducted in Canada, revealing that many are not as sure as Senf about cloud security safety. More than 90 percent of responding corporations said these issues were the primary factor adding to lack of implementation throughout the business, while more than 85 percent felt that deploying a cloud solution would significantly limit their ability to comply with federal data regulations even while personally monitoring data protection.

Timothy Toohey of Snell & Wilmer, a law firm with specialists in Internet security, recently wrote for JD Supra that companies fearful of a cloud security breach could take reasonable precautions to avoid similar calamities while still enjoying the benefits of the technology.

First, before entering a cloud agreement with any vendor, check their security guidelines and user conditions. A multitude of problems have arisen in just the last few months regarding ownership of cloud information. Google came under fire for their controversial requirements for Google Drive, wherein any data placed in its storage solutions was considered partial property of the company even after the original creator deleted his or her account. This is a huge data security problem for corporations that need to keep their information private.

Next, have an internal process for reviewing security of online files. Virtual access can be gained from any terminal if a hacker is crafty enough to hide an IP address or use a proxy, meaning an attempt on user information could easily be disguised. It also means that the IT department will be able to verify data protection and potentially catch a threat the system doesn't recognize on its own. Making sure that everyone involved in the process has in-depth knowledge and training on these systems will make it much harder for outsiders to gain access, and will give IT professionals a leg up in creating and maintaining safeguards for company data.

Lastly, it's essential to have a secondary backup outside the cloud in place for business continuity purposes, whether it's tape or disk drives, virtualized servers or even holographic storage. Even a tertiary solution could be advisable if the company has enough resources and critical data to support that move. Even if the business never experiences a data breach, a physical disaster could still put the cloud out of reach, depending on where it occurrs and how the cloud vendor supports that digital infrastructure.

Toohey pointed out in the Supra article that the Federal Trade Commission advised the general public in a recent review that taking data security to the whole company is the best way to make an airtight system work. Not only should IT be tuned in to cloud security, all staff members should know about data backups, threats and protection methods in order to ensure that nobody is accidentally creating an unsafe situation for information to reside. Canadian companies may still be hesitant to adopt new technology into current corporate infrastructure, but the benefits of proper deployment and security make the cloud a strong addition to any information storage structure.