Is The Cloud Really Safe?
The news is filled with reports of data breaches. It seems like we hear daily about some online service that has exposed our personal information. It’s no wonder that most small business owners I talk to have trepidation about the cloud. Moving your company’s data from the comfortable, familiar, in-house server to some nebulous, potentially risky service “out there” seems scary and will make you think “is the cloud really safe”?
I want you to have a good, healthy amount of fear regarding your data’s security. However, I find it humorous that so many small business owners have a staunch “No way, no how, no cloud” stance.
Why? Because these same people have been using and trusting the cloud for years for email, personal data, online shopping, social media, and banking.
I believe then that for most, it’s a fear of change and the unknown that is really at the heart of the issue.
I’m here to expose several myths about your data security in the cloud.
First, moving your business data and software to a cloud-based solution can be significantly more secure than storing it at your location.
In many cases, cloud computing is a MORE secure way of accessing and storing data. Having your server and data stored in your office does not make it more secure. In fact, most small to medium businesses can’t justify the cost of adequately securing their network the way a cloud provider can.
Most security breaches occur due to human error. One of your employees downloads a file containing a virus, doesn’t use secure passwords, or accidentally email confidential information to people who shouldn’t see it.
Small businesses are commonly breached because they don’t properly maintain their own in-house networks. They fail to stay up-to-date with security updates, software patches, and antivirus software. That’s a FAR more common way networks get compromised versus a cloud provider getting hacked.
One of the keys to safely transitioning your data to the cloud is selecting vendors you work with. For example, our backup solution has been vetted and approved by FDIC auditors for use in banks, making it more than secure for our smaller businesses.
Regardless of where your data is stored, your IT company must continuously monitor your network. Patches, antivirus software, updates, and third-party backups (even for the data you store in the cloud) still need to be in place.
If you’re in a regulated industry such as healthcare, financial, or legal, compliance is a concern. Laws and regulations, such as Gramm-Leach-Bliley, Sarbanes-Oxley, and HIPAA, require that companies control and protect their data. They must also certify that they have knowledge and control over who can access the data, who sees it, and how and where it is stored.
Major cloud providers, such as Microsoft, have already devoted the time, resources, and legal expertise to certify that their services meet or exceed these legal regulations.
Cloud service providers should also have SAS 70 certifications. This certification requires them to demonstrate they have adequate controls over their environment, how and where the data comes in, what the provider does with it, and how it is accessed and processed.
Companies like Microsoft have already built and continuously monitor and maintain a secure infrastructure for your data. Further, because they do this for thousands of companies worldwide, they can spread that cost over all their customers. This makes the security level you get exponentially less costly than you could ever achieve on your own.
With all this being said, you still need to work with an IT partner. You need a partner that knows how to migrate, configure, and work with your services in the cloud. Ultimately, you are still responsible for your data, and you will still have some work to do on your end. With a knowledgeable IT partner to help you through your migration, moving your data to the cloud can be more secure than it is now in your office.