Tips for Protecting Data Stored in the Cloud
Researchers from Sophos, a technology firm that develops antivirus software and other information security solutions for the public and private sectors, recently published the results of an interesting test set up to determine how quickly hackers detect new cloud computing networks. For the test, technicians set up unsecured Internet-connected computers known as “honeypots” to attract hackers. These honeypots were specifically configured as cloud servers located close to data centers operated by Amazon Web Services in California. It took hackers 15 minutes to scan and breach the honeypots. After a period of 30 days, attempted intrusions were taking place at an average rate of 13 times each minute.
What the Sophos test makes clear is that cybercrime groups are very interested in targeting cloud servers. All technologies have advantages and disadvantages. In the case of cloud computing, the problem is that it creates a significant “attack surface,” which is the term used in information security to describe the sum of all cyber risks. Though this doesn’t mean storing data in the cloud is dangerous, the larger attack surface calls for certain safety measures. The experts from Security Consulting Group, one of the most trusted security companies in Chatsworth, CA, offer these tips for keeping your cloud-based data safe.
Perform Frequent and Reliable Backup
Make sure to understand the data backup, replication, and recovery terms of the cloud computing service provider you choose. For example, if your data is safely backed up at two remote locations, you should be fine. However, a single backup stored in the same data center could be risky when sensitive information is handled.
Take Control of Encryption Keys
Virtually all providers of cloud computing services protect their clients’ data by means of encryption, and most of them choose to hold the cryptographic keys needed to decode files. Without these keys, hackers who breach a data center and gain access to your data will only see scrambled characters instead of text, audio, images, or video. For the ultimate in security, you can shop around for cloud services that let you hold the encryption keys, which are usually kept within an app that can only be accessed with a password.
Hire Physical Security for Hybrid or Private Cloud
Services such as Google Docs (now known as G Suite) and Microsoft Office 365 follow the public cloud paradigm, which may not always satisfy certain compliance requirements. If your business handles sensitive information that must be stored on premises, you’ll need a private or hybrid cloud solution, but this brings up a physical security concern. Let’s say you install a network-attached storage (NAS) device in your office. This will effectively give you the advantage of a private cloud you can fully control, but the integrity of the NAS itself is now your responsibility. The best way to protect hybrid and private clouds that store sensitive information is to hire a company that provides professional guard services in Chatsworth.
Insist on Two-Factor Authentication (2FA)
Access is the foundation of cloud computing security. Since the traditional username/password login method doesn’t provide enough safety for confidential information, you should look into enhanced techniques such as 2FA or even fingerprint scanners when accessing your cloud data. A basic 2FA configuration will only require a smartphone.
Keeping your data safe isn’t easy, but if you follow these key steps, you can go a long way toward making it more secure. Keeping your physical location and equipment safe is of course a top priority as well, so if you’re looking for the highest-quality security services for your premises, reach out to the trustworthy professionals at Security Consulting Group. Give us a call today at 818-462-3080.