Cloud Data Must be Protected, Too!

Cloud Data Must be Protected, Too!

If you’re reading this blog post, you don’t need to be told that companies are collecting data at unprecedented levels. From highly-confidential strategic business information, to sensitive financial and client records, to the everyday data in between, volumes are massive. Increasingly so.

As volumes increase, and employees continue to work remotely, on-premise data storage is becoming less and less practical. As a result, more and more companies are moving more and more of the data to the cloud (and yes, the phrasing was more and less deliberate).

Whether firms are using public, private or hybrid cloud solutions, this is causing complications for many network managers. Some common ones:

• Not knowing where all the organisations’ applications and data reside.
• Not always knowing what data needs to be protected, especially as requirements evolve.
• Not always be able to have 100% visibility into who is accessing what applications and data, through which devices – an even bigger headache today than it was pre-pandemic, because of remote workers often using their own computers, or allowing company devices to be shared by family members.
• How quickly and reliably data can be accessed by all stakeholders, 24/7, regardless of location, locally or globally.
• Safe passage and safe harbour – all the while complying with country legislation. Like many countries, Canada has data residency requirements. Where your data is located, in other words where your cloud servers reside, is an important consideration in meeting the regulatory requirements for consumer data protection. If you work in multiple jurisdictions, you may have multiple legislative considerations, and multiple compliance auditors to satisfy.
• The biggest one: Security, whether the data is at rest, in transit and/or in use. According to multiple surveys published in 2020, 95% of cyber specialists are concerned about public cloud security and significant number are also concerned about private cloud, too.According to an IDG report¹, nine out of 10 cyber security professionals are concerned about cloud security in general – and that was before the escalation of cyber attacks seen in 2019, which of continued in 2020. In other words, this is not something to be treated lightly

Depending on who you have as your cloud provider, security may be a shared responsibility between you and the provider – or it may be yours alone. Either way, experts recommend that the data owners be its prime protectors.

Indeed, most enterprise-level organizations recognize that deploying cloud native security solutions can reduce time to deployment, as well as helping them save money – and give the firms greater peace of mind as they move more data and workload to the cloud, regardless of whether they are managing the data themselves or using a third party for that purpose.

With malware and ransomware attacks causing greater problems for organizations financially and operationally, and with other breaches impacting operational efficiencies, too, it’s no wonder that investment in cloud security is no longer considered an option. Indeed, according to survey results published in the 2020 AWS Cloud Security Report, which is also the source for the statistics included in the rest of this report, 65% of companies surveyed expect to increase cloud security spending by an average of 36% in 2020.

Clients benefit from cloud data protection because it enables them to:

• Easily secure applications and data across multiple environments, and multiple locations.
• Distinguish between everyday use and suspicious user behaviour.
• Proactively identify and mitigate breach-related security risks.
• Prevent data leakage, loss and disruption.
• Reduce the number of people required for cyber security management and problem remediation – and today, IT resources are stretched so thin, that any personnel time savings in this area is valuable.
• Maintain complete visibility into all user, folder and file activity, regardless of user location.
• More effectively govern stakeholder network and data access. This is a proactive approach that goes beyond defining and monitoring policies.
• Related to this: Being able to run compliance reports on a regular or ad hoc basis to reduce compliance issues within their organization. 40% of 427 corporate cybersecurity experts surveyed by AWS stated that dealing with legal and regulatory challenges was a concern.

One of the reasons we’re starting to see enterprise-level companies introduce DevSecOps teams (Development, Security and Operations ), is because seasoned network people understand that security decisions, and the corresponding actions, need to be made on the same scale, and at the same speed as other development and operations -related activities.

Even if your company is not ready to go this route just yet, you owe to yourself and your network to invest in Cloud Security.

If you would like more information about Cloud Security, or would like to consult with a Service Engineer, please contact us at [email protected] or (416) 429-0796 or 1.877.238.9944 (Toll Free).

1. “2018 Cloud Computing Survey,” IDG, August 14, 2018, idg.com/tools-for-marketers/2018-cloud-computing-survey.

P.S. You might also be interested in reading our October 5^th post:  “Been hacked? Here’s what you must do next – 5 Steps” and a related SlideShare presentation: 8 tips for handling a crisis: