It’s safe to say that small businesses love the cloud – it’s cheap, easy to use, spacious and reachable from every corner of the world with internet access. The degree of cloud adaptation among small organizations is restricted by the problem of security – every time we witness a scandal of leaked information or photos, the press tends to foreground the loopholes of cloud privacy and the danger involved in storing files on external servers.
Here are 5 key measures every small business should take to ensure that their data stored in the cloud is secured against leakage or attacks.
Assess the risks and choose data to store
Before jumping into the cloud, have a look at your organization and define which areas are most susceptible to risk. Rank those areas according to security requirements – this will help you to choose the right overall security level for your business.
Have a look at the kind of data that is being collected, stored or transmitted online at your company and ask yourself whether all of it should necessarily be part of the digital world. Sometimes the best way to guard sensitive information against hackers and thieves is to never digitalize it.
Read user agreements with store providers carefully
Before you agree to the terms stated in the use policy of your cloud storage, make sure to read them thoroughly – those documents include essential information on security, data privacy and policies employed in case of security breaches that result from direct attacks or other problems.
This is also where you’ll get the idea about the professionalism of the provider. Check which server and data center your data will be stored at – see whether they are SSAE 16, SAS 70 and SOC 2 audited, and if their clients are HIPAA or PCI certified. Additional important services are firewalls, antivirus and intrusion detection – serious data storage providers will always include them in their services.
Mind your passwords
It’s clear that your password is extremely important – experts claim that 90 per cent of all passwords can be cracked within seconds. Make sure to create a unique username and password for each account – if you’re afraid of forgetting them, use apps like LastPass or Dashlane for easy management.
Doubling passwords for different services is also a mistake that can cost you a lot. Another issue are security questions – never choose obvious information like important dates or telephone numbers.
Go for two-factor authentication whenever you can
Two-factor authentication (2FA) requires users to log into accounts using a username, password and something more – for instance, a token that gives you a new code each minute. Have a look at free solutions like Google Authenticator.
Some services will provide you with a smart option of sending a code via texts sent to mobile phones of defined users. 2FA isn’t fool-proof, but it’s one step forward to ensure that logging into your server requires something more than usernames and passwords that are easy to hack.
Always backup your data
Backing up your data, you can be sure that whatever happens, you data is safe. Outages and accidents do happen – do you recall the lightning strike that caused Amazon EC2 outage in 2009? Regular backups are essential for small businesses. It’s mostly about enabling the company to continue its business operations even if data stored in the cloud is unavailable.
All the above doesn’t mean that cloud is more dangerous than local servers – in fact, service providers use many methods to ensure their data storage is guarded against all kinds of risks. Once you define your level of risk tolerance, you’ll be on your way to finding a suitable provider that offers the exact degree of protection you’re after.
About the Author:
Monique Rivers is an Australian tech blogger who also loves good food and fashion. She works at ninefold.com. Ninefold is a company providing efficient and powerful virtual servers for all those occasions when a business needs to move their ideas into the cloud.