If you consider a security breach as a minor inconvenience, think again. An Experian corporate blog post revealed that over 60 percent of SMBs (small and medium-sized businesses) that were hit by a breach ended up folding after six months. Also, in the event that proprietary data gets compromised, the business owner has to endure the eventual fallout of the company’s reputation and its associated financial repercussion.
These days, most businesses use cloud solutions, which have their risks and benefits. Here are effective tips to secure your company data in the cloud.
One, be on the lookout for security breaches and bugs, and then act accordingly. Take the case of the Heartbleed bug, for example. Your e-commerce site makes safe its sales transactions behind an open-source-software implementation called Secure Socket Layer (SSL), where Heartbleed resides. Now, have you updated and changed your site in response to the discovery of the bug? Two studies uncovered that 57 percent of websites impacted by Heartbleed did not do anything, while 67 percent of polled users had taken no action towards securing their online accounts. Another unsettling finding was that 75 percent of surveyed employees said that they did not receive password-change instructions at work. If you do nothing even at the wake of a well-publicized breach, you are courting trouble.
Two, have the ability to revoke employee access at will. This level of control is crucial, most especially when an employee leaves your company. You should also know that you can simplify the process of changing user logins and passwords across the board. This can be done easily through an Identity and Access Management (IAM) solution.
Three, make sure that your employees understand and follow secure practices. Otherwise, the ones who are lax about security can intentionally or unintentionally leak proprietary data. Your workers are the weak points that can potentially undermine the security of your data in the cloud. Educate your employees about the tactics used by cybercriminals. Most importantly, affect a cultural change in your company that promotes data security. A data security consultant can be invited to deliver a talk or you can have them go through a Web-based training lesson.
Four, pay attention to the mobile devices used in your business organization. Sales transactions via traditional PCs are decreasing, because more and more people are resorting to smartphones and tablets to shop online and access cloud data. By 2017, security breach targets will be mostly tablets and smartphones, according to a Gartner forecast. Thus, be extra careful if your employees can use mobile devices to log in to your company’s various cloud accounts. Rooted mobile devices, in particular, are susceptible to brute force attacks that yield passcodes.
Finally, choose your cloud provider carefully. When selecting a cloud service provider, be smart and find out where its data servers are located and the security measures implemented to protect them. Would you trust the safekeeping of your customers’ financial data, for example, on a dubious cloud vendor that even allows users to register using their social networking account logins? SpiderOak, Tresorit, and Wuala are three excellent cloud storage and backup solutions for businesses. They allow secure multi-user access through various desktop and mobile platforms.