"The Cloud" is as mysterious to most people as brain surgery or rocket science...we know it exists, we know some people understand it, and we know that we aren’t those people. But just as we make assumptions about everything else we don’t fully understand, we make assumptions about cloud computing. For example, is cloud computing safe? A lot of people believe that cloud services are inherently secure services, substantially more secure than on-premise services. But that couldn’t be further from the truth. While many cloud services claim they are secure, and come with a variety of security features, it’s just not the case that they are secure by default. Each of those options and systems must be configured specifically for your situation, and these configurations are far from simple.
The Rise of Cloud Computing
When we ask whether cloud computing is safe, we need to agree on what we mean by "cloud computing."" Up until recently, office networks were centralized in air conditioned server rooms behind locked doors. Securing those devices and the traffic that runs through them -- as well as the physical devices themselves -- could be a full time task. But now most office networks are running either fully or partially in the cloud. In fact, running on-premise email servers is more of a rarity, giving way to cloud-based email like Office 365 or Google’s G Suite.
Similarly, file servers have been replaced by cloud-based storage from companies like Microsoft, Google, Amazon, Box, Dropbox, and many others. And we seldom see on-premise accounting systems running on on-premise hardware as much as we see cloud-based systems such as Netsuite, Sage, Macola, Microsoft Dynamics, and many others.
Is Cloud Computing Safe?
So when we talk about safe cloud computing, what we’re talking about is securing your data while it’s in any of three states: in motion, in use, and at rest.
Data at rest is data that is stored. For example, your files that are stored on any of the cloud-based storage companies listed above.
Data in use is data currently loaded in your accounting system, spreadsheets, HR applications, CRM systems and so on.
Data in motion is data that is moving across private networks like your company LAN, or data that is moving across the internet. It could include data that is…
- Moving between on-premise equipment and cloud platforms
- Moving between mobile devices and cloud platforms
- Moving between cloud platforms
And despite what the cloud platforms might tell you about their security, they’re not telling you the whole story. Each of them has some level of security built into their systems, but just because they are there, it doesn’t mean it’s been implemented or configured properly.
And it doesn’t mean that it’s effective.
For example, Microsoft 365 Business Standard doesn’t include Office Message Encryption or protection from phishing attacks. It doesn’t even protect against malicious attachments and doesn’t do a very good job detecting and preventing ransomware. Microsoft 365 Premium has those features, but they are not best in class.
Similarly, Amazon S3 by default allows a hacker who has gained access to your cloud service to list out the contents of your cloud. It’s also possible to configure Amazon’s cloud to expose private information by including public data "buckets" within them.
So when you are purchasing cloud services you need to be sure you are purchasing the right product and service levels. Then each cloud application must be properly configured for your own environment and use cases using
So when you ask “is cloud computing safe,” the answer is “it can be.”
How To Secure Your Data In The Cloud
Digital Uppercut helps its clients secure their cloud data in several ways. The first is that we work with our clients to select the best cloud services for their applications. Box, Dropbox, Google Cloud and Microsoft OneDrive all have their own strengths and weaknesses. More importantly, they work better for some applications than others.
Regardless of which technology we choose, we properly configure it to make the most out of the built-in security services. We also use technology that seamlessly works within most top cloud service providers to provide additional security beyond what the tools’ native security allows.
For example, we can add best-in-class signature based antivirus tools, sandboxing tools, endpoint protection tools, data leakage tools, encryption tools, and more to any cloud provider. And our systems will actually show you malware and dangerous files that will flow right through “Advanced” security tools from Microsoft or Google or other cloud services but that are caught by ours.
And that’s just the beginning.
We can detect when sensitive data is exposed to unauthorized users, when any file or folder is accessed by users, what the user did with that file, and much more. You can have full visability into what happens with your data, when it happened, by whom, and how.
Making A Dangerous Cloud Safe
So is cloud computing safe? Not really...not by itself. And especially not in our data-centric, compliance-oriented and litigious world. Protecting your data is critical to your company’s success and survival, and Digital Uppercut is here to help. If you’re contemplating moving services or resources to the cloud, talk with us to choose the right vendors and products. If you’re already computing in the cloud, and would like an evaluation of your security, we can help there, too. Contact us online or call us at 818-913-1335.