The goal is to turn data into information and information into insight.
- Carly Fiorina, Ex-CEO of Hewlett-Packard.
Data is the Big Thing as we are realizing. Data drives the way companies function, the way we go about our lives and moreover the way we make choices in our lives. For example, when I go from place A to place B, I try to find the best possible route through google maps; google maps is nothing but giving me the real time data based on the traffic.
Now, the natural question comes with abundance of data in the current world, where is this data stored?
Storage of data is possible in local devices, but that would not be viable especially for organizations which have huge metadata.
Indeed we have a system in place which allows us to store data without having to worry about space constraints, the “CLOUD”. Cloud is a storage model which allows us to store data over the internet through a cloud service provider. Some big players giving this facility are Amazon’s AWS, Microsoft’s Microsoft Azure, Google cloud platform, IBM cloud to name a few.
It may seem that trusting these companies with our data may seem like a big risk, but actually it is way safer than keeping it in our own PCs. The cloud service providers invest billions in safeguarding our data against malicious users.
But that shouldn’t stop users from asking how it is really helping to make our data safer. One must ask the right questions as to if our data is safe in the hands of clouds service providers, Am I making the correct choice by storing my personal information in cloud? What if the system gets hacked?
According to Statista’s 2021 survey, some of the major concerns people had about cloud was with data loss and data privacy.
We will analyze the best practices that should be followed by individuals and organizations to safeguard their data.
One of the biggest advantages that cloud provides us is that cloud systems are not susceptible to malware, phishing scams and common data theft.
There are entire teams working 24*7 to ensure that the cloud system becomes more robust and reliable. But at the same time it is important to understand that cloud security is the combined responsibility of the users and as well as the provider.
Irrespective of what kind of cloud service we use be it PaaS, IaaS or Saas, one needs to be very careful with what kind of data is being stored in cloud. Whether, it is public / private or confidential information of an organization or individual. All forms of data needs to be encrypted. A robust data storage architecture is a must for every organization. Taking "control of your own data" is very important to ensure maximum privacy and security in the digital storage space.
Some of the best practices that as an individual one must take to ensure maximum security are:
Irrespective of what kind of cloud service we use be it PaaS, IaaS or Saas, one needs to be very careful with what kind of data is being stored in cloud. Whether, it is public / private or confidential information of an organization or individual. All forms of data needs to be encrypted. A robust data storage architecture is a must for every organization. Taking "control of your own data" is very important to ensure maximum privacy and security in the digital storage space.
Some of the best practices that as an individual one must take to ensure maximum security are:
MULTI-FACTOR AUTHENTICATION
Use multi-factor authentication for cloud accounts; this protects the data from breaches. Easy to crack passwords is one of the main reasons due to which sensitive data gets leaked.
Recent studies show that over 70% of employees reuse existing passwords in multiple accounts. According to BND “a staggering 81%” of data breaches take place due to weak passwords. One of first rules of creating a strong password is never use obvious information related to you in password. Suppose your date of birth is 24/09/1999, keeping the password as 24091999 is not a very good choice. Hence, one has to be very careful in choosing and updating passwords.
Recent studies show that over 70% of employees reuse existing passwords in multiple accounts. According to BND “a staggering 81%” of data breaches take place due to weak passwords. One of first rules of creating a strong password is never use obvious information related to you in password. Suppose your date of birth is 24/09/1999, keeping the password as 24091999 is not a very good choice. Hence, one has to be very careful in choosing and updating passwords.
CHOOSE WHICH DATA TO STORE WISELY
To be on safer side, it is better to put the most sensitive data in a backup in addition to cloud. This ensures that even if there is a security breach, your most valuable data is still protected from malicious intruders. Many a times, it is also suggested by experts to avoid storing personal information in cloud.
ENCRYPT
It is better to encrypt the data in the client side itself. When service provider further adds security features to your data, it would have a double layer security. The cloud data is the most vulnerable when it is moving from one storage location to other. Hence, end-to-end encryption of data is essential.BACKUP
Most importantly, try to back up your data as this ensure that even if the cloud servers go down or a massive cyber-attacks hits a cloud provider, most valuable data will still be protected in local servers.BE CAREFUL FROM WHERE YOU ACCESS A CLOUD ACCOUNT
A individual can set strong passwords, use anti-virus software, firewalls when using one’s own home Wi-Fi connection but, this might not be possible in public networks where risk of the data getting breached is significantly higher. Hence, ensure that cloud accounts are always accessed from known and verified networks.ASSIGNING PERMISSION
More importantly, be very careful with whom you share permission to view your cloud data or access your cloud accounts. It is also important to verify what they can access through the permission. This is one of the major reasons for data breaches. User responsibility is critical to data safety and moreover these permissions should also be reviewed periodically.AVOID DEFAULT SETTINGS
Using cloud's default settings makes it much easier for hackers to breach into the cloud systems. Hence, changing the default settings makes it much difficult for hackers to breach through the cloud account.
AVOIDING HUMAN ERROR
Many breaches have taken place due to human error which essentially involves providing public access of the credentials, setting up buckets incorrectly or sometimes falling prey to phishing mails sent by hackers. Hence, it is essential for organizations to train their employees properly about the cloud services that is being used by the organization. Having a clear idea of the type of security mechanism your cloud providers provide makes it much easier to avoid human errors.
These steps might look very obvious but most often than not, it is the obvious things that we fail to implement which render our data vulnerable. It also ensures that we are reducing our trust on any single player, be it luck or our cloud service provider which is the best way of ensuring data security.
On the other hand, with the advent of Covid-19 which is forcing people and organizations to carry out their work remotely, it is estimated that cloud users will see an exponential growth in numbers.
The cloud market has seen a growth of over 10 billion dollars in the pandemic period.
Hence, it is not only the users but the cloud service providers should also abide by the commitment of data security and privacy towards their users.
Usually, it is not possible for individuals or even in most cases organizations to know what is the fate of their data with the cloud service providers but, a user trusts the regulations of the providers to make their data secure to the greatest extent possible and as well as, not to manipulate or sell the data. But when is comes to security I think, this trust should be backed up by regulations / laws which can mandate service providers to make their processes and policies much more transparent and hold them liable for any data breach that takes place in their servers.
Happy reading. Signing off with a beautiful quote:
Privacy is not something that I’m merely entitled to, it is an absolute prerequisite.
~ Marlon Brando
Connect to me on LinkedIn!
0 Comments