Editor’s Note: This is the second of a two-part series. Please see PMP’s August 2015 issue for Part I.
The cloud makes business data storage and delivery a breeze, but there are pitfalls to note, prepare for and avoid.
As you likely already know, cloud storage is “a service model in which data is maintained, managed and backed up remotely and made available to users over a network (typically the Internet).” (Source: WhatIs.com)
In addition to what we covered in the August Mobile PMP column, here are four additional factors to keep in mind to help ensure you, your company, your employees — and all related data — remain safe and secure in the cloud.
1. Encryption is the most important and viable way to protect your company’s data when employing the cloud. If you have only a vague idea of what encryption means, think of it this way: Data is transformed into a coded form, rendering it unreadable to anyone not authorized to access it. There are numerous systems from which to choose. The best way to cut through the confusing process of protecting data is by assessing the threats and risks your company’s data faces.
Last month, I mentioned the importance of a data audit for developing a security policy. Similarly, a risk audit and/or threat assessment can help you identify weaknesses in your data armor. Combine your data audit results with your risk audit’s, and you’ll have created a good guide in your pursuit of the encryption service that best suits your business’ needs.
2. Managing mobile devices is another way to secure cloud-based business data. When devices are for both business and personal use, the impact is twofold.
Unprotected mobile devices are like portals into your cloud data, an open invitation to malicious hacking. That’s why a wide variety of mobile application management (MAM) and mobile device management (MDM) tools have been developed to close the portal and rescind the invitation. Many MDM and MAM manufacturers and vendors offer features — including synchronization and secure network tunnels — for business data. Whether the mobile devices used by employees are company-provided or purchased independently, synchronizing the type of security for all devices used by your company makes data protection substantially more effective.
3. Evolving with technology is one of those rules of data storage and transference that seems like a no-brainer, but is commonly overlooked. The process of evolution is essential. No matter how airtight your security systems are, they’ll become outdated (or obsolete!) sooner than you might guess. You can’t put a security system in place and walk away. Regular reviews that systematically examine the details of your security systems are vital.
Protecting data is an ongoing process. Luckily, the most reliable manufacturers and vendors of cloud security systems do most of this work for you, by alerting you to critical updates that will strengthen your security against the latest threats.
You should be revisit your security plan quarterly — if not more often.
4. You get what you pay for. This old adage couldn’t be more appropriate than when it’s applied to cloud security. There is a distinct difference between the cloud services designed for consumers and businesses. The perceived appeal for consumer services is that they’re substantially cheaper. But consumer safety and business safety are completely different arenas. The amount of data alone should be enough to illustrate the primary difference between consumer and corporate data.
An individual consumer’s address book and social connections are like a treasure trove for “cyber-villains” looking to exploit weaknesses in security. Imagine the treasures that could be mined from an entire company’s data … a company like yours.
You can reach PMP Senior Editor Will Nepper at firstname.lastname@example.org or 216-706-3775.