Businesses are transferring more and more client information files online for storage on hard drives in remote data centers or server farms that offer convenient Internet access. Buying space in this "cloud" (a $40 billion a year business, according to the IDC research firm) is becoming as common as paying for power, water and Internet service. With corporate spies after trade secrets, hackers out to steal sensitive financial information, and the federal government demanding online communications records, protecting data in the cloud creates a serious security risk for companies of all sizes.
"It's easy to overlook security because of the virtual nature of the cloud," warns Thomas Trappler, Director of Software Licensing at UCLA. "Your data is going over the Internet to another computer and not to some magical world where everything's going to be fine." Unfortunately, businesses often seem blissfully unaware of this threat: a recent nationwide study by the Ponemon Institute found that half the firms surveyed had not considered security risks when storing data with providers in the cloud.
A major question in these deals is determining who's responsible for the risk of compromised data. Because companies often lack security expertise, they expect cloud providers to do the job. Some providers certify that they meet government or third-party standards for data confidentiality. However, few of them let clients test their digital security - which leaves their clients feeling that they might be liable.
To minimize this risk, Trappler advises businesses to:
- Evaluate the provider's reputation.
- Insist on reviewing its encryption and security systems.
- Set guidelines for immediate notification of any breaches.
You can also protect yourself from the risks of storing data in the cloud by investing in Cyber Insurance. To learn more, just get in touch with us.