Netpremacy ‘s five steps to securing corporate data in the cloud
10 January, 2013
category: Corporate, Digital ID
With more IT security enterprise capabilities moving to the cloud, Netpremacy has revealed 5 steps that it believes can better protect corporations’ data in the cloud.
Data location risk, risk of data loss and data security are three of the top barriers to cloud adoption. However, security can also be an enabler to cloud adoption and if data in the cloud can be safeguarded effectively, enterprises can begin to maximize the business potential of cloud computing.
That being said, Netpremacy offers five easy to follow security measures that will help to safeguard corporate data in the cloud.
The first step is to select a physically secure infrastructure, ideally one that can provide an added layer of security than the existing corporate infrastructure. Data should be stored in vaults, racks or cages to make physical breaches a near impossibility and should be accompanied by security protocols like on-site monitoring and biometric access.
The second step to secure cloud computing is the use of strong passwords by all employees. Employees should use a distinct password for their corporate email inbox independent of any other login credentials. An inbox is the key to all other online estates and the generation of strong, unique passwords can help minimize the chance of a breach.
Strong passwords can be formed using a memorable word but should incorporate both lower and uppercase characters as well as numbers. A 2-factor authentication process for inbox access should also be considered— adding a code along with the customary login details, for example.
Encryption is a vital third security measure, and when done correctly can greatly reduce security risks. A hacker deterrent, data encryption keeps unauthorized eyes from viewing sensitive information.
Encryption is especially important for companies that store financial data, employees’ personal information or patented information in the cloud. As a general rule, it is advisable to encrypt all data stored within off-site backups.
Netpremacy’s fourth security measure deals with the selection of who gets privileged access to corporate data.
Often time’s employees have differing levels of authority, making it difficult to keep track of access — and leaving the system susceptible to attack. Netpremacy suggests that a separation of duties can ensure that in-house staff monitors the activities of privileged third parties.
IT officials should also have the ability to monitor individual data assets — a credit card table for example— regardless of the method used to access it. A system that knows when data is being accessed in violation of the policy is key.
Netpremacy’s fifth and final security measure involves auditing cloud service providers to find the best possible fit.
Service providers should always be willing to provide prospective customers with official documentation and protection strategies of their data center. IT officials should be thorough and comprehensive in their search for a cloud service provider, and should specifically consider the following:
- Location
- Possible events
- Power Grid/Communications Considerations and Contingencies
- Proximity to danger-prone locations (e.g. bodies of water, potential terrorist targets like airports, seaports, etc.)
- Vendor’s DR emergencies
Netpremacy Global Services provides Google Enterprise solutions, a portfolio of IP services including national and cross-border MPLS networks and security services to thousands of organizations in more than 33 countries worldwide.