How To Protect Your Information In The Cloud

The cloud is a great way to store files without running out of hard drive space, collaborate with coworkers without being present in person, or access files from any location. However, because the data is stored in someone else’s data center, the same security tools that once were used to secure data in on-premises data centers will no longer be useful to protect information in the cloud. By taking the right precautions, however, you can protect your data without sacrificing the convenience and simplicity of cloud-based applications.

Use A Cloud Access Security Broker

Cloud access security brokers (CASB) sit in between the customer and the cloud service provider and act as a gatekeeper to allow organizations to extend their security controls to the cloud. CASBs enable:

• Continuous visibility into all the cloud services being used at an organization, with detailed risk assessment of each cloud service.
• Threat protection against compromised accounts, insider (negligent or malicious) threats, malware, and other external threats.
• Data security in the form of data encryption, tokenization, information rights management, and access control.
• Compliance with internal policy, external regulations (HIPAA-HITECH, PCI-DSS, EU GDPR), and other data residency requirements.

The rapid growth in cloud services has made CASBs a must-have security technology. The analyst firm Gartner predicts that by 2020, 85% of enterprises will be using a CASB to secure their cloud applications.

Create A Strong Password

Believe it or not, “password” is not a good password to use. In fact, 90 percent of people’s passwords are so simple that they can be cracked in just a few seconds. This could all be avoided by choosing a password that utilizes several secure features. For example, you should always train employees to pick a random word that has no relevance to them. They might even want to add the name of the service they’re using after that word, just to make the password more effective and unique. Finally, ensure that all passwords require some numbers and special characters.

For cloud applications that contain highly sensitive information, experts believe that the password shouldn’t contain any words found in a dictionary, nor should the password have been previously used for any other service. Lastly, passwords should be changed every 90 days to further minimize the risk of a compromised account.

Avoid Public Networks

Public Wi-Fi is convenient for doing some work on the go. In fact, 95 percent of Americans admit to using free Wi-Fi services to get work done while on their commute. Because these public networks are completely unencrypted, hackers can easily access whatever data you’re looking at on your device. To prevent this, always make sure you’re using a business’s official Wi-Fi hotspot. You should also use a VPN to protect your identity, and keep your operating system up to date.

If VPN isn’t an option then avoid working with sensitive data while connected to a public Wi-Fi. When a Wi-Fi connection isn’t needed, ensure Wi-Fi on the device is set to off mode to avoid unintentionally connecting to an unsecured Wi-Fi.

Encrypt Sensitive Structured/Unstructured Data At Rest And In Motion

In addition to using a CASB, encrypting each piece of sensitive data directly is a good way to ensure hackers can’t get their hands on it. This means encrypting files and data before it is uploaded to a cloud service, using encryption keys that only you have access to. Keep in mind, however, that encryption can sometimes break some of the native functionality of a cloud service, such as previewing an encrypted document directly from the cloud service, or sorting a column of encrypted structured data.

Don’t Store Private Information

This might seem to defeat the point of the cloud, as it’s meant to be a repository for all of your files, regardless of content. However, even if you take the most precautions possible, there is still a risk of being hacked. Therefore, try to avoid uploading things you’d never want anyone but yourself to see, such as compromising photos, important financial or tax documents, valuable intellectual property, or a list of passwords to other services.

Keeping your organization’s cloud data secured doesn’t have to be a headache or a money pit. Just follow these simple tips and you’ll be on your way to having a safe space for all your employee’s cloud computing needs.