By PowerBuy // 8 April 2015 // Related Categories: Tips

Leviathan Security Group research has identified three key factors in the effectiveness of cloud security: availability, staffing and vulnerability management. Only by considering, and carefully managing, all three can you be confident that your business is as well-protected as possible.

Availability

Leviathan warns the owners of cloud-based businesses that many so-called cloud solutions are, in fact, based on single data centres and are therefore vulnerable to physical disruptions. From Hurricane Katrina to the explosion of a Shaw Communications building in 2012, there are numerous examples of data centres being compromised by unexpected events. Indeed, the Leviathan paper points to examples of entire countries being taken offline, such as when a 2008 Suez Canal accident caused widespread outages in Pakistan, Egypt, India, Kuwait, Lebanon and elsewhere. The message is clear: businesses must take advantage of the geographic redundancy offered by a cloud solution hosted across data centres in different regions, “ensuring that data is replicated not just across a city, but across a continent or an ocean.”

Staffing

Cybersecurity experts are hard to find. Leviathan notes that globally, there are over one million cybersecurity positions unfilled (‘unfilled’ being defined as vacant for over one month). The solution for any organisation is to train or import needed staff. But these options are time-consuming and expensive; a better option might be to use the skills of a dedicated cloud provider’s team. This has the advantage of drawing on the resources and continuity offered by a larger, more specialised organisation. Of course, you may have operational reasons for keeping certain skills or tasks in-house, but it may also be more time- and cost-effective to outsource some tasks and functions to an external provider.

Vulnerability management

Leviathan emphasises that, as high-profile attacks on both online and physical retailers and service providers have shown, cloud-based storage is not immune to the threat of cyber crimes. Indeed, modern technologies allow would-be data thieves to constantly probe all networks, allowing them to take advantage of any momentary lapses. Cloud solutions offer advanced data management capabilities that may be beyond those of your own organisation; they can also take advantage of dedicated security experts. Regardless of the solution you choose, you need to consider how vigilantly your network is maintained, taking into account security patching and updates, perimeter rule changes, and preventative measures, such as intrusion detection systems. It’s a constant battle; as the Leviathan report states, “the defence, like the adversary, must be continuous, growing, and tireless; anything less will not suffice.”

Sealing the cracks

Of course, there are other factors which affect data security. It is important to monitor and audit data, and keep authentication protocols up to date. However, these considerations are meaningless if one doesn’t first take steps towards ensuring that the data is hosted in multiple secure locations, maintained by expert staff and protected from would-be data thieves. This done, you can say with confidence that your data in the cloud is as safe as it can possibly be.

Comments: 0 // Share:

Add Comment