How secure is data that is stored in the cloud? 100% security is difficult to ensure. But there are rules that should be strictly observed for professional applications.
The issue of data security plays an existential role for most companies. No responsible IT manager makes light of data storage, as the negative consequences can include distribution of corporate secrets and damage to a company’s image with legal consequences for misuse of sensitive customer data. And this is particularly true when it comes to using cloud storage. After all, any data stored on the Internet is naturally at risk of being read and used by third parties. The danger is posed by Internet surveillance programs such as “PRISM” and “Tempora” as well as by hackers all over the world, who constantly try to find gaps in security systems. A study conducted by the IT security firm Alert Logic in the autumn of 2012 indicates a strong increase in hacker attacks on cloud-computing services. The attacks are rarely targeted towards specific businesses and institutions, but this makes them no less dangerous.
In order to create a secure compliant work environment for working on confidential information and documents across multiple business units, companies have to obtain in-depth information on the provider and its services.
Basic requirements for German companies include the following:
- A cloud storage server location in Germany: This excludes many popular services like Dropbox as well as providers that use Amazon Cloud Services or their own infrastructure abroad. This alone can substantially limit the selection.
- Encryption of data: In the best case, content should already be encrypted during transmission to cloud storage. Companies should demand transmission via SSL and encryption standards like “AES-256”. In some cases, this may incur a bit more effort and less convenience, but at least ensures that data can’t be read by third parties in the case of unauthorised access. Selective data encryption can be used, so as not to excessively impede the performance of servers, storage systems and devices. Instead of encrypting entire hard drives or partitions, only security-related data is protected in this case.
- Good backup concepts: Multiple backups both within the data centre itself and in secure external storage locations have become the standard. The stored data is thus usually significantly safer than it would be in the company itself.
Learn all the digital expertise of Messe Frankfurt in Dexperty newsletter.