In light of the recent iCloud celebrity photo hack, it’s important for businesses to take a look at the differences in data storage options and investigate the best place to keep information to prevent the loss of extremely sensitive corporate data or trade secrets that could get companies into legal and financial trouble.
Although cloud security breaches can grab headlines, cloud is more secure than other data storage options for the following reasons:
Both physical and virtual measures control data access. In addition to the physical security measures in the buildings that house data centers, cloud providers ensure network security by creating a server architecture that allows businesses to block inbound firewall ports from unsecure inbound connections.
Employees’ endpoint devices frequently connect to unprotected networks, which means that sensitive data can easily be lost. Cloud-based storage encryption keys are crucial for transmitting data to prevent unauthorized viewing. Two-factor encryption key management means that the cloud storage provider has zero access to the encryption keys, and the encryption key is even further encrypted using a customer’s admin credentials. Even in the event of a subpoena, the cloud provider has absolutely no way of granting access to your data because only a token is stored virtually.
The infrastructure of the cloud offers more protection than a single data center. If your data is being stored in a single server at ground level and not virtually in the cloud, it’s easily susceptible to power outages, sabotage, and natural disasters that can lead to downtime that limits access to information or permanent loss of critical corporate data. Cloud-hosted data is housed in multiple data centers that are geographically redundant, so in the event of a disaster or an attempted break-in, a compromised server will automatically and instantly fail over to another data center, which means continuous access and security of your information.
With multiple, redundant data centers, you choose where your information is stored. Because business today is increasingly globalized, it can be easy for employees to back up to a local data center and unknowingly violate local data residency laws. Or if employees need to move to a new office in a remote location, the company could have to purchase expensive server equipment to house a data center locally. The cloud offers multiple redundant data center clusters, allowing you to choose exactly where your data will reside across multiple regions, and you won’t have to worry about violating local compliance laws. When additional data centers are made available, the provider can make these regions accessible in the product and enable customers to create new storage volumes and assign new users in these regions with just a few clicks.
Cloud-based service providers can undergo rigorous audits. External audits can ease the security concerns of customers who put their data in the cloud. Some cloud vendors are regularly assessed on all aspects of their cloud infrastructure, including operations, control, facilities, physical security, firewalls, network configuration, account management, and storage. These reports ensure that providers are compliant with local and international laws, and help businesses compare and select the right vendor for their specific data storage needs.
All Clouds Are Not Created Equal
It’s important to remember that not all cloud storage is protected the same way, and not all providers offer the same measures to keep your data safe. To ensure the proper level of protection, businesses must have a transparent conversation with cloud storage vendors about the security measures in place to keep information safe and to find out exactly where the data will be stored.
Additionally, businesses should request Service Level Agreements (SLAs) from providers to compare service uptime and data durability, and ask about the process for getting your data into the cloud and back out again. The procedure for accessing data must be just as secure as keeping it there.
Verifying the measures a cloud provider takes to control data access, the location of the data centers, and procedures for encryption and storage of cloud data could mean the difference between total security and a breach like we saw with iCloud.
Dave Packer is Senior Director of Product Marketing at Druva. He has more than 20 years of experience influencing products in the enterprise technology space, primarily focused on information management and governance. Prior to joining Druva, Dave has held executive positions at Autonomy Corp., Interwoven Inc., and Silicon Graphics. He was also instrumental in the product and market definition of the first widely deployed mobile device, Tablet PC, while at Uppercase, Inc., (acquired by Microsoft in 2000).
Subscribe to Data Informed for the latest information and news on big data and analytics for the enterprise.