Tech Insights

rss

Contributor Columns on Information Technology and Security

Why Your Business Should be Securing its Cloud Data

Businesses today are storing an increasing proportion of their data in the cloud. While this can be more cost-effective and can take advantage of backups, businesses also increase their risk of having the information stolen. Since the data can be accessed from anywhere in the world, nefarious individuals who steal just simple passwords can cause great organizational harm. 

Businesses today are storing an increasing proportion of their data in the cloud. While this can be more cost-effective and can take advantage of backups, businesses also increase their risk of having the information stolen. Since the data can be accessed from anywhere in the world, nefarious individuals who steal just simple passwords can cause great organizational harm. 

For this reason, competent businesses today should understand how to secure their data that is stored in the cloud. By doing this before a problem arises, businesses can rest assured that they are protected from harm. Below are six strategies that businesses can implement to enhance their data security in the cloud.

1. Restrict Access

Many cloud security breaches that businesses experience are caused by insiders within the company. Whether looking to steal information, damage the company, or override bureaucracy, catastrophic system harm can result from unauthorized access. Motivated users with full access to the system could even conduct damaging activities like deleting backups to prevent recovery. Other internal users might encrypt an entire system to hold the company hostage for a ransom. These are just a small sample of the harm that could be done due to unauthorized access. Thankfully, these issues are fairly easy to overcome by ensuring that users with access are limited to essential personnel. Even the most trustworthy individuals can cause harm to a system if provided with the right motivators. For this reason, businesses should understand that access restrictions are their most powerful tool for securing their cloud data.

2. Segment Users

As part of restricting access, businesses should ensure that users are segmented appropriately. This means that non-essential personnel should only be given limited access to a system. When in doubt, users should be given limited accounts and should only receive information if requested. This ensures that third-parties oversee the dissemination of information to limit potential damage. Further, businesses should frequently review lists of individuals with access to review the justifications for access rights. Without doing this, the number of users with access can accumulate over time and leave businesses vulnerable. By implementing a system of limited access and actually putting it into practice, many common security breaches can be avoided.

3. Automate Intelligence and Alerts

Like with other systems, businesses should have analytics and automated alerts to keep track of how cloud systems are being used. All user access should be logged on external servers to aid in investigating malicious activities. These logs should be saved for at least three months in case a breach is discovered later in the future. Additionally, these logs should be fed into programs capable of watching for potential malicious activity. When anything remotely suspicious is discovered, the information should be forwarded to an impartial third-party capable of judging the significance of the suspicious activity.

4. Implement a Password Policy

An effective password policy can protect businesses from many common threats both internally and externally. To develop a password policy, organizations should first work with technical specialists to find internal systems that could be vulnerable and develop ways to protect the passwords. Organizations should keep in mind that each character makes a password 255 times more difficult to crack. A 4-digit password would require just 211 million hashes while a 16-digit password requires an average of 1.6 X 10^38 hashes. This is the difference between less than a second on a computer from the 1990's and centuries with the entire world's computing power. Passwords should also be protected from dictionary attacks, which seek to guess passwords by attempting permutations of words in the dictionary. 

5. Promptly Remove Access

In the even that an organization chooses to relocate or terminate an employee, access should be promptly restricted. In many cases, organizations should notify the employee after system access restrictions are already in place. This protects against unauthorized activity due to vindictive employees. In addition, organizations should also be sure to promptly remove access for temporary workers and employees granted one-time access.

6. Encrypt Connections

When cloud systems are accessed, businesses should ensure that their connections to them are secure. A VPN (Virtual Private Network) can be an effective way of protecting information from being intercepted while in-transit. Unencrypted connections even leave businesses vulnerable to attacks from outsiders who 'sniff' traffic to gather intelligence. Since this information often travels thousands of miles to its destination, protecting it from malicious interception is critical.

Showing 0 Comment
Your comment will be shown after administrator's approval







b i u quote

Save Comment
The Number One Menace to All Organizations
 

Learn more about how to protect your organization against this growing menace
https://info.knowbe4.com/ransomware-simulator-tool-its