BNMC Blog

The Cloud Isn’t Necessarily Safe

The Cloud Isn’t Necessarily Safe

The Cloud. That big, vague entity where a lot of us our entrusting our information has lifted a huge burden off of businesses by alleviating the need for expensive onsite hardware. It makes user management a little more user friendly. It keeps us connected and in communication no matter where we are.

It’s pretty great, right? With every silver lining, there is a darker, more dreary side. For cloud computing, it’s the fact that, like all technology, it is not inherently secure.

The Cloud is (Basically) Just Someone Else’s Computer

When you connect a computer to the Internet, you invite outside entities to try to infiltrate it. Viruses, malware, unpatched vulnerabilities, and other threats can creep onto an unprotected device and take over. This could lead to data theft or data loss. That’s why we all know to use antivirus and avoid using outdated software. That’s why we don’t install random software or visit sketchy websites. I’m pretty confident my reader base knows the drill here.

The cloud is essentially no different. It’s just a computer or an array of computers connected to the Internet. If it isn’t properly protected, it can be compromised. 

If you use Google’s G Suite platform and your email is handled through Gmail, and you are storing files in Google Drive, then you are simply using Google’s computers to do so. If you are using Microsoft 365, then you are storing your email and data on Microsoft’s computers.

*Side note, I miss being able to refer to anything related to Microsoft as belonging to Bill Gates. I’d love to be able to tell clients that they are using Bill Gates’ computers to store their Outlook. Maybe I just still haven’t come to terms with the fact that he stepped down from Microsoft back in 2006.

The point is, while we can typically trust these massive services to handle our data correctly, we still need to be aware that we are depending on them to do so.

On a smaller scale, you might use a local web hosting company, or you might pay to host a server at a smaller data center. The same applies - you are relying on this third-party to keep you safe.

My gut tells me to be skeptical whether I’m entrusting a major corporation like Microsoft or a small company with a data center, but at least with Microsoft I know that millions of others are using the service.

The Cloud Isn’t Always the Fast Path to Compliance

Complying to industry standards like PCI DSS, HIPAA, and the GDPR can be a big undertaking, especially for smaller businesses. Often, a nice big step towards compliance can be to rely on a third-party who focuses on hosted environments that meet those compliance regulations. This means that moving towards the cloud is often a win, but you need to read and understand the fine print before you simply pull the trigger.

For example, let’s say you are storing names and credit card numbers. You absolutely need to keep this data encrypted and control who has access. If your cloud host can get around that and employees can access the data, you might not fall under certain compliances. 

When it comes to protecting the data of your customers, there are a lot of moving parts and considerations, so spending a lot of time upfront and ensuring that your cloud solution can handle this, AND doing regular checks will have to become a way of life.

Like Anything Else, It’s Only as Secure as Its Weakest Link (Sorry, End Users)

Ever play Jenga, where you have to carefully pull blocks from a stack while trying to prevent the entire tower from falling over? Each time someone picks at it, there is a greater risk of the whole thing toppling down. The more hands that get involved means the more likely that things will go wrong faster.

Security is like that too. An end user could accidentally share a folder or set it to public. They could have a weak password, or use the same password on multiple sites. They could lose their mobile device and inadvertently give someone else access to everything.

Fortunately there are policies and settings around most of the obvious threats these days, but whether or not they are enforced is a whole other thing.

Who’s Responsible For Protecting My Cloud Hosted Data?

When it comes down to compliances, it’s really up to you. YOU have to protect the sensitive information of your employees, your customers, and your prospects.

That doesn’t mean you are alone. The IT security experts at BNMC can help audit your IT, whether it is onsite or in the cloud, and help you meet compliances. We take protecting the sensitive data of you, your staff, and your clients very seriously.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, September 18 2019

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices Technology Business Computing Cloud Email User Tips Privacy Computer Microsoft Malware Network Security Google Software Productivity Hackers Hosted Solutions Business Data Tech Term Communication Hardware Small Business Ransomware Mobile Devices Internet Cloud Computing IT Services Efficiency IT Support Data Recovery Smartphone Workplace Tips Backup Windows Upgrade Android Saving Money Managed IT Services Innovation Microsoft Office Data Backup Users Information Social Media Business Continuity Office 365 Managed IT Services Outsourced IT Windows 10 Smartphones Internet of Things Data Management Miscellaneous Server Mobile Device Business Management Browser Windows 10 Word Passwords Productivity Facebook Cybersecurity Phishing communications Vulnerability Gmail App Encryption VoIP Chrome Remote Monitoring Artificial Intelligence Infrastructure Network Disaster Recovery BYOD Employer-Employee Relationship Tip of the week Apps Managed Service Provider Gadgets Managed Service Analytics Save Money Virtual Reality Applications Website Money IT Support Company Culture Big Data Google Drive Display Employee-Employer Relationship Content Filtering Settings Bandwidth Development Antivirus Apple Education Paperless Office Robot Storage Automation YouTube VPN Risk Management Unified Threat Management Access Control Router Hacker Data storage IT Management Office Tips Government Maintenance Quick Tips Bring Your Own Device Operating System Holiday The Internet of Things WiFi Computers Tablet Virtualization LiFi Document Management Hosted Solution Retail Alert MSP Augmented Reality Downtime Managing Stress Wireless Administration Solid State Drive Mouse Two-factor Authentication Avoiding Downtime Monitors Scam Vendor Management Hard Disk Drive OneNote Chromebook HIPAA Search Networking Printing Mobile Security End of Support Data loss Telephone Systems Data Security Business Intelligence Business Technology desktop Server Management Virtual Private Network Touchscreen SaaS Computing Collaboration Outlook Firewall Laptop Spam Troubleshooting Regulations Business Analysis How To Lenovo Language iOS Value Statistics Spying Mirgation National Security Recycling Budget Spyware Mail Merge Blockchain Security Cameras IoT Social Uninterrupted Power Supply Dark Data Downloads Update Information Technology Computer Care IBM Shortcut Distributed Denial of Service Human Error Cookies Memory Typing File Sharing Humor VoIP Unified Threat Management Analysis Students K-12 Schools Social Networking Virus Best Practice Firefox Superfish Politics Cybercrime Computing Infrastructure Scalability Professional Services Current Events Bluetooth Comparison Chatbots Updates eWaste Identity Theft Address Permissions Managed Services Star Wars Customer Service Marketing Training Corporate Profile Patch Management Office Managed IT Service Samsung Device Nanotechnology Reducing Cost Cryptocurrency User Error Private Cloud Wearable Technology Mixed Reality Network upgrade Specifications LED Motherboard Threats Cables Automobile Google Docs Customer Relationship Management Tech Support Alerts Migration USB IT solutions Going Green G Suite PowerPoint Identity Continuity Fraud Laptops Cost Management Hacks Dell Heating/Cooling Multi-Factor Security Google Wallet WannaCry Social Engineering Break Fix Mobility Screen Reader Batteries Charging Bitcoin Cabling Time Management Printer Halloween Data Breach Smart Office Black Friday Co-Managed IT BDR Wires Business Growth Google Maps Websites Licensing Windows 7 Dongle Onboarding GDPR Solar Legal Emergency Software as a Service Assessment Password Servers Google Calendar Unified Communications Drones Safety Dark Web Print Toner Smart Tech Windows 8 Network Management Scary Stories Slack Hard Disk Drives Work Cyber Monday Remote Computing Content Huawei Voice over Internet Protocol Running Cable Cooperation Messaging Service Level Agreement Buisness Digital Signage Compliance Data Warehouse Deep Learning Digital Payment Hotspot Entertainment Internet Exlporer Mobile Device Management Network Congestion Legislation Optimization Digital Microsoft Excel Virtual Desktop Shortcuts Connectivity Disaster SharePoint Sports Monitoring IT Technicians Solid State Drives Managed IT Writing Smart Technology Streaming Modem Processor FinTech Alt Codes Techology Wi-Fi Staff Employee-Employer Relationships Leominster Unsupported Software Mobile Computing CCTV Webcam Computer Repair Relocation Printers Error Mobile Data How To Work/Life Balance Point of Sale Ben McDonald shares Recovery Travel Health Black Market Supercomputer CrashOverride Law Enforcement Staffing Notifications Motion Sickness Electronic Medical Records Twitter Financial Administrator Physical Security Taxes IT Budget Upgrades Gadget Web Server what was your? Emoji GPS Crowdsourcing Myths Regulation Personal Information Botnet IT Consultant 3D Printing Cameras Cortana Tracking Meetings Cleaning Processors Machine Learning

What Our Clients Say

  • BNMC has provided us with nothing less than outstanding service and results for all of our IT needs for the past few years. Every member of their staff is professional, knowledgeable, friendly and eager to solve any problem...
  • 1
  • 2
  • 3