Challenges to Data Protection in the Cloud
Just how safe is cloud data in 2015?
It’s been a transformative year so far in the data and cloud environment. The high profile security breaches of 2014 and proliferation of cloud usage and data storage has prompted new approaches in 2015. New technology and business trends, new legislation, fresh demand and fresh threats have all give up their own challenges to data protection in the cloud.
On each new innovation piggybacks new challenges to data protection, so it’s difficult to predict how the landscape might change in the future. As we see it, though, these are the three main challenges to data protection in the cloud at this moment:
1. Data Breaches
Following several high-profile data breaches in 2014 for the likes of Barclays, the NHS and Apple, in which customer data, patient records and personal user files were leaked into the public domain, data breaches have risen to the top of the hit-list when it comes to data protection in the cloud.
In a cloud scenario, some control over your data is given up to the provider. That’s why it is so essential to choose the right one. Still, 80% of data breaches are estimated to stem from human error, so the real challenge here is to regulate and protect against mistakes made by cloud users. They must be made aware of the implications of failing to protect sensitive data, and educated on the importance of encryption and password changes.
The main focus must be how businesses dispose of their data. Fines are already being levied against organisations that fail to comply, but the release of new EU Data Protection Regulations back in June set higher punishments, and higher stakes for a significant data breach.
“The Council of the European Union has agreed new fines for breaches of EU privacy and data protection law could be up to €1m or 2% of the company’s global annual turnover.”
2. Data Loss
The next challenge to data protection in 2015 is the loss of data, both accidental and deliberate. The minute critical or sensitive information is moved into the cloud, it’s vulnerable – it can be deleted accidently, tampered with maliciously or the cloud provider could be affected by what could be termed as an ‘Act of God.’ Any of these scenarios would be spell disaster for a business.
Thankfully, there are workable solutions to this challenge, provided you are diligent. An integrated system to protect against malicious attacks is a good preventative measure, while a fool-proof disaster recovery strategy will prevent a terminal disaster. Additionally, though, you should integrate a security system to every network layer, to reduce the possible size of a data loss event.
3. Insecure Access Points, Mobile Working & BYOD
One of the biggest challenges to data protection in the cloud is controlling what gets through the gates. Access points, and the devices that have access to the cloud through them can be vehicles for hackers and security breaches.
Of course, one of the great joys of the cloud is that it can be accessed from anywhere, by multiple devices. The question is, are the interfaces and APIs that interact with it secure? Equally, the number of mobile users and owners that ‘BYOD’ (‘Bring Your Own Device’ to work) has grown, compromising and diluting cloud network security. Any organisation using the cloud should implement a clear BYOD strategy to protect against external threats.
The challenges to data protection in the cloud are considerable, yes, but not insurmountable. Sound working practices, secure and established providers of IaaS, PaaS and SaaS cloud services like Citrix, Google, Azure and Oracle and highly-trained cloud professionals that know how to use them will all help you to adapt to new challenges to data protection in the cloud.
Are you a cloud professional looking to lend your expertise to a new role? Maybe your organisation could benefit from a highly-trained candidate to help you meet the challenges ahead? Get in touch to discuss opportunities for cloud professionals today!