BNMC Blog

The Cloud Isn’t Necessarily Safe

The Cloud Isn’t Necessarily Safe

The Cloud. That big, vague entity where a lot of us our entrusting our information has lifted a huge burden off of businesses by alleviating the need for expensive onsite hardware. It makes user management a little more user friendly. It keeps us connected and in communication no matter where we are.

It’s pretty great, right? With every silver lining, there is a darker, more dreary side. For cloud computing, it’s the fact that, like all technology, it is not inherently secure.

The Cloud is (Basically) Just Someone Else’s Computer

When you connect a computer to the Internet, you invite outside entities to try to infiltrate it. Viruses, malware, unpatched vulnerabilities, and other threats can creep onto an unprotected device and take over. This could lead to data theft or data loss. That’s why we all know to use antivirus and avoid using outdated software. That’s why we don’t install random software or visit sketchy websites. I’m pretty confident my reader base knows the drill here.

The cloud is essentially no different. It’s just a computer or an array of computers connected to the Internet. If it isn’t properly protected, it can be compromised. 

If you use Google’s G Suite platform and your email is handled through Gmail, and you are storing files in Google Drive, then you are simply using Google’s computers to do so. If you are using Microsoft 365, then you are storing your email and data on Microsoft’s computers.

*Side note, I miss being able to refer to anything related to Microsoft as belonging to Bill Gates. I’d love to be able to tell clients that they are using Bill Gates’ computers to store their Outlook. Maybe I just still haven’t come to terms with the fact that he stepped down from Microsoft back in 2006.

The point is, while we can typically trust these massive services to handle our data correctly, we still need to be aware that we are depending on them to do so.

On a smaller scale, you might use a local web hosting company, or you might pay to host a server at a smaller data center. The same applies - you are relying on this third-party to keep you safe.

My gut tells me to be skeptical whether I’m entrusting a major corporation like Microsoft or a small company with a data center, but at least with Microsoft I know that millions of others are using the service.

The Cloud Isn’t Always the Fast Path to Compliance

Complying to industry standards like PCI DSS, HIPAA, and the GDPR can be a big undertaking, especially for smaller businesses. Often, a nice big step towards compliance can be to rely on a third-party who focuses on hosted environments that meet those compliance regulations. This means that moving towards the cloud is often a win, but you need to read and understand the fine print before you simply pull the trigger.

For example, let’s say you are storing names and credit card numbers. You absolutely need to keep this data encrypted and control who has access. If your cloud host can get around that and employees can access the data, you might not fall under certain compliances. 

When it comes to protecting the data of your customers, there are a lot of moving parts and considerations, so spending a lot of time upfront and ensuring that your cloud solution can handle this, AND doing regular checks will have to become a way of life.

Like Anything Else, It’s Only as Secure as Its Weakest Link (Sorry, End Users)

Ever play Jenga, where you have to carefully pull blocks from a stack while trying to prevent the entire tower from falling over? Each time someone picks at it, there is a greater risk of the whole thing toppling down. The more hands that get involved means the more likely that things will go wrong faster.

Security is like that too. An end user could accidentally share a folder or set it to public. They could have a weak password, or use the same password on multiple sites. They could lose their mobile device and inadvertently give someone else access to everything.

Fortunately there are policies and settings around most of the obvious threats these days, but whether or not they are enforced is a whole other thing.

Who’s Responsible For Protecting My Cloud Hosted Data?

When it comes down to compliances, it’s really up to you. YOU have to protect the sensitive information of your employees, your customers, and your prospects.

That doesn’t mean you are alone. The IT security experts at BNMC can help audit your IT, whether it is onsite or in the cloud, and help you meet compliances. We take protecting the sensitive data of you, your staff, and your clients very seriously.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, February 28 2020

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Tip of the Week Technology Best Practices Business Computing Privacy Productivity Cloud User Tips Email Software Microsoft Network Security Hackers Computer Hosted Solutions Malware Google Data Business Efficiency Communication Mobile Devices Tech Term Small Business IT Services IT Support Hardware Workplace Tips Internet Innovation Managed IT Services Ransomware Cloud Computing Smartphone Smartphones Data Recovery Backup Upgrade Outsourced IT Mobile Device Android Saving Money Windows Facebook Windows 10 Users Miscellaneous Information Data Backup Browser Server Phishing Business Management Social Media Office 365 Business Continuity Managed IT Services Microsoft Office Cybersecurity Passwords Internet of Things Data Management communications Windows 10 Network VoIP Productivity Gadgets App Word Vulnerability Gmail Remote Monitoring Chrome Quick Tips Infrastructure Managed Service Apps Artificial Intelligence Disaster Recovery Encryption VPN Access Control Money IT Support Applications Router Settings Managed Service Provider Save Money Virtual Reality Tip of the week Analytics Website Employer-Employee Relationship BYOD Big Data IT Management Data Security Paperless Office Display Virtual Private Network Unified Threat Management Robot Google Drive Company Culture Content Filtering Employee-Employer Relationship Bandwidth Automation YouTube Collaboration Firewall Maintenance Apple Risk Management Avoiding Downtime Education Development Storage Antivirus Government Office Tips Networking Computers Hacker Data storage Mobile Security Hard Disk Drive Retail Alert Downtime Business Technology Outlook Server Management Spam Computing Marketing Bring Your Own Device Operating System Touchscreen WiFi Business Intelligence LiFi Vendor Management Social Monitors Managed IT Data loss Humor Chromebook Tablet Hosted Solution Information Technology Telephone Systems Administration Mouse desktop MSP Augmented Reality End of Support Two-factor Authentication Managing Stress Managed IT Service OneNote Remote Workers Document Management Data Breach Customer Relationship Management Scam Windows 7 IT SaaS Printing Break Fix Social Network Wireless Wi-Fi Password Solid State Drive Software as a Service Holiday HIPAA Virtualization Laptop Search The Internet of Things BDR Entertainment Vendor Dark Web Distribution Deep Learning Assessment Automobile Digital Signage Data Warehouse Network Management Mobile Device Management Solar G Suite Smart Tech Politics Monitoring Solid State Drives Work Dell Shortcuts Mobile Management Cyber Monday WannaCry Employee-Employer Relationships Payment Card Alt Codes Cooperation Service Level Agreement Cabling Customer Service Streaming Cybercrime Processor Legislation Voice over Internet Protocol iOS Hybrid Cloud Microsoft Excel Logistics Hotspot Internet Exlporer Google Maps Private Cloud Troubleshooting Business Analysis SharePoint Compliance Office Samsung Budget Connectivity Tech Support Spying National Security Techology IT Technicians Optimization Security Cameras Profiles Smart Technology Modem FinTech Analysis Students How To Lenovo Inventory Typing Staff Leominster Human Error Memory Statistics Scalability Conferencing Mail Merge Blockchain Asset Management Best Practice Language Value Virus Downloads Current Events Regulations Social Engineering IoT Digital Payment Websites Updates VoIP Unified Threat Management Mirgation Recycling Managed Services Halloween Utility Computing Shortcut Distributed Denial of Service Cookies Digital Mixed Reality Firefox Superfish Shadow IT Cryptocurrency K-12 Schools Disaster Device Reducing Cost Bluetooth Comparison Safety Migration Consulting Address Permissions Memes Google Docs Computing Infrastructure Professional Services LED Threats IT solutions Going Green Social Networking Patch Management Star Wars PowerPoint User Error Hacks Chatbots eWaste Remote Computing Laptops Scary Stories Google Wallet Nanotechnology Spyware Bitcoin Wearable Technology Network upgrade Uninterrupted Power Supply Network Congestion Mobility Running Cable Batteries Specifications Buisness Business Growth Alerts USB File Sharing Co-Managed IT Heating/Cooling Multi-Factor Security Motherboard Cables Computer Care IBM Legal Fraud Cost Management Onboarding GDPR Virtual Desktop Time Management Printer Identity Continuity Writing Sports Managed Services Provider Unified Communications Drones Screen Reader Charging Identity Theft Slack Hard Disk Drives Windows 8 Smart Office Print Toner Myths Black Friday Training Corporate Profile Messaging Emergency Holidays Licensing Dongle Dark Data Update Content Huawei Servers Google Calendar Wires Computer Repair Relocation Regulation Supercomputer CrashOverride Mobile Data Staffing How To Work/Life Balance Motion Sickness Recovery Administrator Health Mobile Computing Taxes IT Budget Web Server what was your? Black Market GPS Law Enforcement Notifications Electronic Medical Records Printers IT Consultant Physical Security Cameras Twitter Tracking Upgrades Gadget Meetings Emoji Crowdsourcing Cleaning Personal Information Botnet CCTV 3D Printing Webcam Cortana Financial Error Machine Learning Processors Unsupported Software Point of Sale Ben McDonald shares Travel

What Our Clients Say

  • BNMC has provided us with nothing less than outstanding service and results for all of our IT needs for the past few years. Every member of their staff is professional, knowledgeable, friendly and eager to solve any problem...
  • 1
  • 2
  • 3