3 Easy Ways to Increase Your Cloud’s Security
The past few years have been pretty embarrassing for companies that had data exposed or hacked. Investigations have uncovered mismanaged data, lack of oversight, and poor cloud security practices. These troubles could have been avoided with better cloud security best practices.
All data breaches are embarrassing for the businesses involved. Breaches tarnish enterprise brands, lead to prolonged court battles with (rightly) angry customers, and ultimately require costly settlements. These burdens are enough to keep anyone running a business from sleeping well at night.
How do you manage sensitive data while making it accessible to the right people? How can you strike that balance between security and accessibility without making architecture or user access too complicated?
We’ve already discussed some of the main security risks of cloud computing. But you don’t have to completely overhaul what you already have in order to increase your cloud’s security. Here are 3 common sense ways to make your cloud network more secure.
Use Your Users
Where exactly are you most vulnerable? This is always a great question to ask yourself, and it’s part of a healthy paranoia that produces the most secure organizations since the answer will allow you to know your weaknesses as well as your strengths.
An even better question to ask: Who wants or needs access to your data? With Myriad, we always recommend asking this question.
End users, customers, employees, regulatory agencies, all need some way of getting to your data, but they are also your biggest points of vulnerability.
That’s not to say that you should cut off data access for those that need it, that wouldn’t be practical (or kind). What you should do is turn those vulnerabilities into strengths.
We’ve discussed internal Zero Trust Security and how depending on one person or system too much can lead to a massive security failure. But how do you practice Zero Trust with all of your users? By following cloud security best practices, of course!
There are two surefire ways to increase cloud security with your users.
· Encourage better passwords. Stop your users from thinking of passwords and encourage them to use pass phrases instead. Pass phrases are much harder to guess (for example, don’t use “password123!”, use “my grand aunt Cherry” - 20 characters versus 12 characters is almost 3 trillion times more difficult for a hacker to guess) Also, never reuse password as one exposure can easily allow hackers to guess the user email/password pair on any number of other online/cloud services. Password managers are a great way to keep track of all the creative and unique passwords your team comes up with.
· Encourage/require Two-Factor Authorization (2FA). It isn’t a 100% security solution, but 2FA is still very effective at preventing unauthorized access to data you want to keep secure
Making your users a part of your security solution rather than part of the problem is a great way to demonstrate that you take security seriously.
Your Data is never just “In the Cloud”
While we’re talking about cloud computing, it’s probably one of the biggest misconceptions that the cloud is just a magical digital space that lives on the internet. But that’s not exactly true.
It can be confusing, but your data is not “in a magical untouchable cloud.” While you might access that data over the internet, your data doesn’t live there, your data must live somewhere on a computer in the physical world.
So, where do you keep your data? Do you keep it on a single server? Or do you keep your data spread over several different servers?
To increase your cloud security, we recommend spreading your data over multiple servers.
Spreading your data over several different locations ensures that even if you are breached, the thief can only access some indecipherable fraction of the information.
But even then, you should have a final layer of security in place, which brings us to:
Encrypting your files is still one of the best ways to keep your data secure. Encryption has two benefits:
1. You get to have the final say on who gets to access your data.
2. Even if your data is stolen, it’s useless without the encryption key.
You can use a service to help encrypt your files, or you can have a service set up where you encrypt the files yourself. Both have their pros and cons, but we strongly recommend encrypting the files yourself, or at least have control of your own encryption key.
Having your own encryption key means you can:
· Control who accesses your encrypted files
· Limit reliance on third parties to manage your key and possibly lose or expose it
We’ve already discussed some of the more nightmarish scenarios that occur when too much depends on vendors. With very sensitive data, it’s important that you control the encryption keys to those files.
By encrypting your files, storing your data across multiple locations, and encouraging your users to create better passwords, you’ll be well on your way to having better cloud security.
Next Steps to Increase Cloud Security
Just to recap, you should be doing the following as part of your cloud security best practices:
1. Make your users take more responsibility for security
2. Spread your stored data over multiple discrete servers
3. Encrypt your data
These steps won’t keep you 100% secure, but they’ll get you started. If you really take cloud security seriously, see how you can tighten things up even further.
Want to learn more about how to secure your data? Subscribe to our blog. Or follow these links to see other things we’ve written lately.