IT Navigator - Daymark Solutions Blog

4 Cloud Strategies to Secure your Corporate Data

Written by Michael Chen | Mon, Sep 29, 2014
 
By now, many of you are probably aware of the most recent cloud breach where a large cache of celebrity nude photos was released on a forum board on 4chan. Though details are still emerging, the prevalent theory is that the hackers managed to gain access to the pictures by accessing the celebrity’s Apple iCloud accounts.
 
This is but the most recent security breach in a long string of security breaches, affecting major enterprises like; Sony, Twitter, Target, and even the Department of Homeland Security. It’s not your company data necessarily that these data thieves are interested in. Rather, it’s your contact data – the personal data you compile on each contact in your data base such as social security number, credit card number, and email address. This naturally raises the question; just how secure is your corporate data in the cloud? The hard truth is - “it depends”. Fact is, the only surefire way to guarantee your cloud data is 100% secure is to disconnect it from the cloud.
 
As cloud providers offer cheaper and more elastic resources for storage, including compute, backup, and even disaster recovery, implementing and installing a cloud solution is becoming more and more appealing over traditional brick and mortar IT security options.

 

 

4 Corporate Strategies to Secure Your Cloud Data

 
Below are 4 data strategies to consider to ensure that your corporate data is as safe as possible as you move it to the cloud.

 

1. Multi-factor authentication

Confirming that the query is from an authorized user who is accessing the data from an authorized computer can significantly narrow down the number of access points, and in the event of a leak, makes it much easier to trace where that leak came from. In fact, here at Daymark, in order to maintain our SOC-2 certification, we must keep a checklist of items to compare against industry best practices, as well as complete a task list every week to make sure that none of the configuration settings have deviated from established norms.

2. Regular cloud backups

Though everyone is familiar with regular backups, fewer people are familiar with how important backups of your cloud infrastructure is. Cloud providers can ensure that your data stays up, but if, for example, a disgruntled ex-employee decides to delete all of your records, there is nothing they can do to restore that data.

3. Defense in depth

Regular firewalls do a great job of keeping intruders out of the perimeter, but if they find a way in, the hackers usually find a nice gooey center to attack the rest of your infrastructure. Windows Firewall provides OS level protection that can give you better defense in case of a breach, but many administrators turn it off. An alternate solution is VMware NSX, which virtualizes the network layer, and can give you many similar protection benefits.

4. Regular patching

The recent Heartbleed bug, and now, the ShellShock bug in Bash, shows just how vulnerable today’s software is, even open source ones. Moving your workload to the cloud provides an even broader platform for which hackers can attack. It is therefore critical to stay on top of security patches for all of your datacenter components, and if a patch is unavailable, protect the data some other way.

 
No doubt security breaches present a huge vulnerability for corporations and create a whole lot of problems as hackers increasingly target a wider range of companies. For mid-tier companies and SMB’s, the challenge is that they store a treasure trove of personal information, but generally lack the dedicated security infrastructure and staff of their larger peers, and hackers are acutely aware of just how vulnerable their IT infrastructure is. In fact, according to a 2011 Symantec Security survey, 73% of small to midsize enterprises have been breached by a cyber-attack. That, my friends, is a scary number!

 

 

Is Your Corporate Data Safer in the Cloud?

 
Actually, security breaches for cloud providers are much rarer. The largest glitch was arguably when Google deleted 150k Gmail user accounts, which was less than 1% of Gmail users, and Google was able to detect and patch the problem before the issue became widespread.
 
So why are security breaches much less prevalent for companies who adopt a cloud solution? Cynically, there’s the belief that because cloud vendors are so dependent on their reliable security reputation, evidenced by their frustratingly opaque policies on how they manage and protect companies from security breaches - any security breach would be quickly covered up. But it’s also true that cloud vendors are aware of this perception, and thus take great pains to secure their data.
 
In fact, I think if you did a study that compared the security breaches of cloud providers versus corporations, you’d find that cloud providers have a better track record of protecting their data.
 
For cloud service providers like AWS, Azure and vHC, security is always at the forefront of conversations, and in fact their track records support that it’s usually data outages that cause service disruption, and not security breachs that runs the cloud solution.
 
Unfortunately, even with all this technology and procedures, the answer to “just how secure is my data in the cloud?” is still - “it depends”.
 
At the end of the day, technology can only do so much to protect your data, and ultimately, security rests on the shoulders of data administrators and your corporate policies around securitizing your data. Yes, there are ways to mitigate that risk, and choosing a secure cloud provider is a big part of that answer.
 
What do you think? Are you worried about your data in the cloud? Are security concerns preventing you from migrating to the cloud? Let us know in the comments below!
 

About the Author

Michael Chen is a Consultant at Daymark Solutions and specializes in virtualization, as well as backup and data recovery for enterprise companies in Financial Services, Telecomm, and Healthcare. Michael holds various certifications from VMware, EMC, Hitachi, and Symantec