In the wake of the most recent news from Google that nearly 5 million emails and plain text passwords were leaked on a Russian website, the chatter around data safety and cloud security has never been higher. With several very public “hacking” cases over the last several weeks and months (namely JPMorgan, Apple’s iCloud, and Home Depot), many people are asking themselves and their cloud providers the same questions: “How do I protect my data? Is the cloud safe? What can I do to ensure this doesn’t happen to my business?”
Clouds are a basic part of the majority of US businesses, whether through a public IaaS cloud like Amazon or a PaaS like SalesForce.com, or with a private or virtual private cloud. The amount of mission critical data and applications hosted in your cloud may vary, but knowing your data is as secure as possible is imperative to conducting business.
So how can you stay safe? We have a couple of common sense solutions, including some you might not have thought of yet.
Consider a Direct Connection to Your Cloud
Perhaps one of the best and most infrequently mentioned ways to stay safe is by having a direct connection to your cloud. A fiber connection to the datacenter that houses your cloud servers gives you quicker access your data and eliminates having to go through the internet, making it more much difficult and costly for hackers to intrude.
Given the physical authentication of your traffic on each side of the circuit, a direct connection through your ISP is a level of security you can’t beat. However, to ensure constant access to your cloud and improve the uptime guaranteed to your end users and stakeholders, you’ll need a redundant connection.
For large enterprises, the most secure way to introduce connective redundancy is to have an additional direct connection through another vendor. This enables you to have continued access to your cloud even if your primary provider’s connection is severed, and won’t require you to expose your traffic to the Internet.
Direct connections can be expensive and are location dependent, and some companies may find two connections cost prohibitive or access impossible for remote employees, partners, and customers. For those companies, engaging a skilled cloud provider highly trained in data protection can protect you while connecting to your cloud over the Internet.
If you’ve decided to have your backup connection to the cloud via a second direct connection, this section may be less relevant to you. However, if your company’s need for agility requires going through the Internet, it is possible for a strong cloud partner to develop a suite of data protection tools for your Internet traffic.
Protection will start with the essentials, such as encrypting data transmissions within the application layer, as well as while data is in flight. Site-to-site VPNs for remote offices and workers will be put in place, and IPsec features developed. Public facing systems and services will be regularly tested for vulnerabilities and system penetration. A multilayered network security parameter of intrusion detection and prevention will need to be in place. Beyond these fundamentals, your cloud manager will help you to determine the best security measures for your data.
Select a Strong Cloud Manager
Perhaps most importantly, it’s critical to have a strong cloud management team backing up you and your data. Your cloud provider and their team are your front line; they’re the ones who will develop and tailor a protection plan to help you configure and protect your data. Ideally, you’ll have a close working relationship with your cloud provider, who may also be able to provide you with a direct connection to your cloud.
That said, it’s still important to practice basic data hygiene when maintaining your cloud and its security systems. Regularly scanning, changing passwords and following standard security best practices can save you from many minor intrusions. For more robust security, some companies may be interested in Private Clouds, where dedicated infrastructure is actively managed for you within a secure environment. Many companies have struggled to apply adequate security features to systems outside of the enterprise domain, which is one of the primary reasons many turn to managed cloud services. A managed cloud team will be able to help you avoid some of the classic compliance and security pitfalls.
With the recent tenor and focus of the news on data breaches and “hacks,” it’s easy to worry about your data security. Our best advice is taking some time to have an in-depth conversation with your cloud provider about what security they can offer and how to keep your data safe.
Have you ever been hacked? Have more questions about how to best protect your data? Interested in establishing a direct connection to your cloud? Leave us a comment or send us a tweet @BroadAspect.