Security in the cloud is the first and most important concern raised when discussing cloud computing. Following on from last week’s post “Can You Run Your Entire Business in the Cloud?” is another question business owners often ask me: Is the cloud secure?
Security in the cloud is often framed as a major risk but I firmly believe it is in fact one of its greatest strengths. Many security risks can be mitigated by migrating your systems and processes to a leading cloud platform.
Whether you are using a cloud solution or server software, mitigating security risks needs to be one of your highest priorities. The reputational and financial damage caused by a breach can be severe. There are many publicly documented incidents such as the Sony Playstation Network hack, but many many more fly under the radar.
Running world-class security and processes is a costly, time intensive and highly complicated exercise which is far beyond the capabilities of all but the largest organisations. If you don’t think you need world-class security because you’re only a small business which isn’t worth hacking, you’re dead wrong.
A news report today revealed a niche soft-drink importer had his website taken offline by hackers who demanded a ransom of $5,000 to put it back online. The importer ignored the extortion attempt and it took a week for the US tech support team to restore the site which lost the business tens of thousands of dollars, the importer claimed.
“It’s looking like we’re going to have to start from scratch. We’re going to have to go back to basics to start driving traffic to the site again. We’re back to square one,” said business owner David Robinson.
What would happen if tomorrow all your systems were unavailable, your phone system was down and all your critical data gone or stolen? This can happen to any business regardless of size or location. Hackers are using automated systems to scan for common vulnerabilities on outdated servers. Sometimes the threat is unintentional; an employee with the wrong kind of access can unwittingly destroy critical data.
Salesforce.com is a great example of the depth of security available in the cloud. Their Trust website provides unprecedented levels of transparency with real-time information on system performance and security.
Their stated number-one priority is to ensure the privacy of their customers data and as such the salesforce.com platform was designed from the ground up to be secure down to a single record of data.
This means you have complete control over who can access what, when and from where, and back-ups and recovery are managed by salesforce.com on behalf of its customers. You are protected from the most malicious attacks and the system performs when you need it to. Salesforce.com is accredited by global regulatory bodies and audited by the most rigorous security teams from corporate customers such as the Commonwealth Bank.
By comparison, I am often amazed at how poor internal security is in businesses I visit. Post-it notes with passwords stuck to screens, server rooms with the doors propped open to let the air circulate. A business can fixate on security at the edges of the corporate network or the office itself at the expense of protection against internal risks.
If you are worried about security in the cloud, take a long, hard look at your current security processes and see how they compare to the world-class standards provided by cloud providers.
Image credit: MyCloudReport