As more companies rely on the internet to effectively run their operations, it’s more necessary than ever for them to have somewhere safe to store their data. Traditional methods of physical document storage, whether onsite or on remote hard drives, have been replaced by the widespread usage of the cloud.
The cloud refers to any software or services that run using the internet, instead of being stored locally on a computer. For instance, Dropbox features folders of files you can log into, or access if you have a link to a shared folder, while Google Drive allows users to store files on their servers. Cloud storage is considered to be a more flexible and reliable approach, however, it still presents some risks to users, including the potential for data breaches, misuse of information and data loss. As such, 61% of SMB’s are concerned about how secure their data would be. Should businesses be worried, and are cloud storage services truly a safer alternative to having servers onsite?
How safe is your data in cloud storage?
Files uploaded to cloud servers benefit from an enhanced level of security, as they can be protected by more measures than a simple password. Cloud storage services offer multiple security features. Google Drive, for instance, has a two-factor authentication, SSL encryption, and standard encryption in place.
Pros of cloud storage
- Most cloud services, including Google Drive, Dropbox, and Microsoft OneDrive, offer free storage, up to a maximum amount of data, which is 2GB for Dropbox, 5GB for OneDrive and 15GB for Google Drive.
- Cloud services can act as emergency backup should your physical data be compromised.
- Accessing your documents with a few clicks is far more convenient than having to rifle through a filing cabinet, saving on physical space in your office.
- Cloud storage providers are flexible. You’ll only pay for the space your business requires, easily allowing you to increase or decrease your storage limit if necessary, such as Dropbox’s Plus and Professional plans.
Cons of cloud storage
- Cloud storage leaves businesses open to a wide range of cyberattacks.
- When you consider that companies are giving these storage providers access to their sensitive data, there remain understandable security and privacy concerns around the cloud.
- Some cloud services have a specific upload speed which may increase the time spent uploading files. For example, Microsoft OneDrive’s upload speed is 2000 to 10,000 files every 24 hours.
- Due to the sensitivity of data and the risk of breaches, cloud storage may not be appropriate for certain industries, including healthcare and finance.
The risk of data breaches
Any document shared over an internet connection is vulnerable to being usurped or attacked, especially since businesses are trusting their sensitive data in the hands of a third party. As a result, this data is typically taken outside of the regular IT department, which means that businesses could potentially lose control of their own information.
Every business has private documents they would want to keep that way—these may be financial records, business plans, or personal data. According to a report by Skyhigh, one in five documents contains confidential information, so it’s crucial for businesses to get their cybersecurity right. Data breaches are risky and costly, a business may have to compensate affected customers, implement new security measures, or experience falling share prices.
Cloud security is a shared responsibility among a corporate team, but as more information is shared outside of the workplace, it’s possible for data to fall into the wrong hands. As such, it’s important that companies understand who is responsible for what. Cloud providers like Amazon Web Services have adopted this model, it says that the cloud service provider is responsible for the security, while customers are responsible for securing the data that enters the cloud.
How to keep your data safe in the cloud
Rethinking approach to cybersecurity
Migrating services to the cloud means that security needs to be rethought, companies can no longer rely on the traditional castle and moat approach when services and data are sitting beyond the corporate pesimeter. A zero trust approach to security has been touted as the solution whereby a software-defined perimeter is used to provide an access architecture to the modern application infrastructure, ensuring that only sanctioned parties are able to see and access services.
Two-factor authentication
The basic login model of ‘username and password’ isn’t secure, especially not for important information, which is where two-factor authentication (TFA) comes into action. This security approach can add an additional layer of cyber protection to your business, by asking users to enter a bit more information after entering their username and password. Information such as a PIN number, secret question, or access to a smartphone device are types of TFA you may be asked for. Attackers may get through the first stage of entering a password, but be prevented from access because of the required extra information.
Insider threats
While uncommon, corporate data can be compromised from the inside by employees carrying out an attack—although this can happen unintentionally. To prevent this, business owners must ensure that their employees only access the information they need to, and nothing more.
For instance, someone working in marketing doesn’t necessarily require access to information used by the HR department. If this happens, the company’s attack surface—how many possible points of entry a cyber attacker has access to—increases, making data more vulnerable. For businesses, this could be how many employees are able to log into your systems, what software you use, and the security of your internet connection.
Should you stick to local storage?
Local storage, although seemingly outdated, hasn’t completely been rendered a thing of the past. Depending on the type of your business, more traditional storage solutions such as thumb drives, external hard drives or solid-state drives may actually be more effective.
Pros of local storage
- Businesses have full control over their data and who can access it.
- Local storage doesn’t require an internet connection, so issues with your service provider won’t impact your business from accessing its data.
Cons of local storage
- Depending on the size of your business and its expected growth, hardware and software can be an expensive investment—an entry-level server, for example, can cost up to £400.
- Onsite disasters, such as fires, hardware failures and accidental deletion could see companies lose every piece of data as local backups could be destroyed.
- Storing paper documents onsite is less environmentally sustainable.
Regardless of the growing popularity of cloud storage, you should evaluate what your business needs from its data security and protection before making a decision. Weigh up the pros and cons of each type of storage, and remember, you could even use both local and cloud storage to help maintain your security.