How safe is your business critical data?


How would your business cope if tomorrow morning your business critical data was compromised?  Data security is a growing concern for many business leaders, affecting all organisations regardless of whether their data is stored in the cloud or in on-premise servers.

Data breaches, theft and vulnerability to viruses are just some of the ways your data could be at risk. When reviewing your data security you must do your due diligence on where and how your data is stored.

Data stored in on-premise servers  

Being located on your premise doesn’t necessarily make the data stored on your server any safer. Most on-premise servers have little to no security, so almost anybody coming into the office can access your critical business files.

In addition, there are a number of other risks that will need to be mitigated to ensure the data stored on your on-premise server isn’t compromised. These risks include things like theft, fire, water damage as well as malware that can hold your server’s data at ransom.

Combating these risks can add more costs onto maintaining your on-premise server. For instance, having a dedicated temperature controlled, protected environment or room to house your server, having the most up-to-date virus and malware protection, and running regular backups with data stored offsite.

Consider the following:

  • How secure is/are my server/s? Who has access to the server?
  • How well maintained is the server? Is it vulnerable to overheating? Is the hardware up-to-date?
  • How-up-to-date is your virus and malware protection software? Do you have policies and procedures around safe online conduct for your employees? Do you have protocol in case your system and server is infected?
  • Are you running regular backups? Do you have robust procedures around backup activities and backup storage?
  • How much is it costing you to maintain your server? Could a cloud solution suit your business better?
Data held in the cloud

Historically one of the major concerns of cloud computing was around data security. However, great strides have been made in this area thanks to heavy investment from cloud providers. In fact, according to the 2017 RightSide State of the Cloud Survey, concerns about cloud security fell to 25% from 29% last year.

Even though your data is held in cloud, it’s still physically stored in a data centre along with data belonging to other individuals and organisations.

Most cloud providers have their own data centres or agreements in place with data centres. And because security measures do vary among cloud providers, it’s critical to do your homework before investing in cloud options. For instance, you should be asking questions like:

  • Where are the cloud providers data centres located?
  • How are the data centres maintained? Are they climate controlled? Are they reliable? What security measures do they have in place, for instance firewall and intrusion protection, device monitoring and alarming?
  • Is data sovereignty an issue? If you have data saved in public clouds it means your data is stored on a server in a different country, which is governed by an entirely different set of security and/or privacy regulations.
  • How is your data protected against unauthorised access? Beyond passwords, what level of encryption is on offer? And, who is responsible for the encryption of files?
  • What level of virus and malware protection is offered?
  • Is your data backed up? If so, how often are back ups conducted?
  • If your cloud provider goes down, what happens to your data?

Now more than ever your business is reliant on data stored electronically, either stored in on-premise servers or held in the cloud. Not having access to this data for whatever reason could not only disrupt your business, but have serious long-term consequences. The security of data should be a top priority and there are many things to consider when making decisions around where that data should be stored.


About the author

Andrew Tucker is the CEO of ITonCloud, a cloud-based platform that helps businesses simplify and automate their IT systems.