Happy New Year to everyone from the team at Colden Company! We wish you all a healthy and prosperous 2014. Last year at this time, we wrote a blog posting about how 2013 could be the year of the cloud for many of our customers. Certainly we saw activity in that direction and we see continued movement toward cloud-based applications. One of the unanticipated stories of the year was the NSA spying scandal and how our very own government has been spying on us and most of our largest cloud vendors like Google, Microsoft and many more.
These revelations made many who were considering the cloud to ask the question “How secure is my data in the cloud?” The answer to that is not as simple as we once thought. It is now clear that our government has the ability to hack very high levels of encryption.
Many cloud solutions can offer higher levels of security than businesses can afford to provide themselves. On the flip side of that coin, large hosting providers are more likely to be targeted by hackers or governments. Hence they are bound to be targeted by more sophisticated attacks by the law of averages. Does that make your data safer or less safe in the cloud?
The answer is, of course, it depends on what you are comparing it to. How secure is your internal infrastructure should you choose an on-premise solution? What are the costs of bringing the internal security up to a sufficient level to be comparable? The answer to these questions can push a business in one direction or another. Of course, there are other considerations besides security to base a decision on. Usability, manageability, disaster recovery, feature sets, and application integration are all notable factors that can greatly impact the final decision to use the cloud or not. All are topics we could spend time discussing, but will defer to another date in favor of a discussion on cloud security.
There are new security questions to ask when considering the cloud as a place to store our important data. “Who do we want to protect our data from?” is now a legitimate question to ask. The thought that we have to protect our data from our own government’s spying is a terrible affront to our rights but a topic for another forum. From a technology perspective, we want to protect our data from our competition, hackers, and in general anyone who should not have access to it. As we mentioned previously, cloud solutions are a double-edged sword and proper vetting of your cloud vendors is a must. Not all vendor solutions are equal in terms of functionality let alone security. The next logical question is “What data are we protecting?” Are we protecting sensitive data like credit card numbers, social security numbers, financial or health information? Those protecting what we would term as “sensitive information” need to take extra precautions with that data. The type of data is a factor in determining the required levels of data security. Also consider that there is a big difference between protecting data “in-transit” versus protecting stored data. Data in-transit is more susceptible to wiretapping such as that used by the NSA as opposed to stored data, exposure of which would require a direct attack on the data centers of hosting or service providers.
Colden Company is still a proponent of certain cloud solutions and the NSA scandal has not changed our view. The cloud is not going away, nor is it for everyone. Each business brings a unique set of circumstances, and while security of your data is a discussion to have, it is far from the only discussion. The important thing is to have the discussion. The best decisions are informed ones. If 2013 was the year of the cloud, let’s make 2014 the year of security!
Need help getting the conversation to the secure cloud started or finding a solution to secure your data – no matter where it resides? Call on us at Colden Company today. We can be reached at (888) 600-4560 or at firstname.lastname@example.org. Like us on Facebook and follow us on Twitter (@coldenco) as well! Happy New Year All!