Even in this day and age, some businesses remain fearful of the Cloud. Are they right to be circumspect and untrusting? Is Cloud data an open door to hacking and cyber-crime or is this an irrational fear? We’ve all seen sensationalist media coverage around Cloud security involving celebrities, banks and even accounting software, so what is the truth?
Data security for a business is paramount and with so many companies feeling comfortable about moving their business to the Cloud, surely the Cloud cannot be as risky as we are led to believe? But how do we distinguish the myths from the truths?
Myth 1 – All Clouds are created equal
What is “The Cloud” really? It’s still computers, databases and the internet. There are so many different offerings of “Cloud” services that bunching them all together under one heading can be misleading. At a personal level, for example, most people don’t know where their data is anymore. So when you save your iPhone photos to iCloud or manage your Facebook profile, where does that information reside? Who takes care of it? What happens if you can’t access it one day or it disappears altogether? This may be a small risk to an individual but this level of uncertainty would be entirely unacceptable for a business.
Myth 2 – Cloud business systems employ the same level of security
Obviously, enterprise class business systems need to be far more secure than personal ‘data Clouds’. However, you can’t assume that all Cloud business solutions have the same level of security.
The measures different providers put in place can be worlds apart! ‘Best in class’ Cloud providers have extremely tight security measures in place, including:
- Top quality data centre architecture that includes two geographically separate data centres.
- Application security comprising industry standard SSL encryption and application-only access so that users can only access the application features and not the underlying database. Audit trails, restricted user access, IP address restrictions and robust password policies are also key for making sure a business’ data is as secure as possible.
- Continuous system monitoring by a dedicated security team so that any suspicious activity is quickly identified and dealt with.
- Background checks on Cloud provider’s staff and strict physical access restrictions to the data centres.
- ‘Best in class’ security certifications, providing independent verification of the system’s security credentials.
Research is a must here. Security is a primary consideration and so each business needs to conduct its own diligence.
Myth 3 – Choice of technology partner has little bearing on Cloud security
The term “Cloud Computing” is popular so it stands to reason that traditional software companies see a wider market for their applications if they, too, are “Cloud”.
Be wary of re-engineered applications, or as some people call them “fake Clouds” which could be something as simple as your own software running on someone else’s server. This is not solving the challenge of moving to the Cloud, this is just taking your server off your premises and moving it somewhere else.
If you want to enjoy the benefits of “true Cloud”, look for a partner who works only with true Cloud applications and does not volunteer for the onerous task of providing hosting.
Myth 4 – On-premise systems are so much safer
It’s interesting that so many business leaders still consider on-premise business systems as so much safer than Cloud solutions. Yet storing data on-premise is akin to keeping all your money in a shoe box under the bed.
Far too many businesses still have on-site servers that are inherently risky due to location, questionable back-up processes and defective security measures. Servers in unsecured places and business owners with data backed up to USB devices on keyrings are worryingly common.
And how many businesses test whether their servers could be restored if there was a devastating fire, for example?
Whilst cyber-crime needs to be protected against, how many business owners seriously protect themselves against threats from ‘insiders’? The malicious theft of data from a disgruntled employee, a fraudulent act from an unscrupulous insider and negligent/accidental behaviour that creates a security breach, are still far more common than cyber-attacks. An on-premise server offers ‘insiders’ far greater access to the company’s precious data!
It’s important to keep concerns about the Cloud in context. If the combined purchasing power of a global installed base can make best-in-class security and availability affordable to the majority, then surely anything that takes the risks out of a business is a good thing? Best-in-class Cloud software is out there and so perhaps it’s time to stop worrying about what could happen, and look to see what’s available now and how it could help your business?