2 September 2016 13:30
Five myths about cloud computing security
It's enough to make us feel old, but cloud computing has been around for over a decade. That's enough time for it to become established as a key tool for businesses of all sizes.
That's enough time for it to become established as a key tool for businesses of all sizes. However, it's also long enough for some myths to have arisen that need putting straight once and for all.
Myth 1: The cloud is less secure than on-site provision
There are still people who believe that IT provision in-house and on-site is safer. But it's not true.
The first thing to recognise is that there are risks with both cloud and on-site IT. If someone is willing - and skilled enough - both can be compromised and both can be hacked.
There are pros and cons on both sides, but it's a myth that the cloud is less secure than on-site provision and that needs to be challenged.
Myth 2: All cloud providers are equal
As cloud computing has grown in size and reach, a number of standards have emerged, but there is no agreement on which are the most important. Here is a list of cloud security standards that you can look out for.
As the change in EU legislation has shown, in a crisis or breach it's your reputation and your future success on the line. As the customer, it's up to you to make sure you're happy - but recognise that not all providers are equal.
Myth 3: Your provider is responsible for the security of your data
While the future of our involvement in the EU is still in a state of flux, until we officially leave we're bound by their rules - and for IT this means the European Data Protection Regulation.
This has some significant implications for businesses, which Computer Weekly has done a good job in collating. One of the biggest issues is the storage and sharing of data outside the EU.
The regulations state that: "If data belonging to EU businesses or citizens is stored outside the EU, the transfer of that data needs to be secure with data protection requirements at the other end at least as strong as those in the EU."
Those with customer data in the cloud will need to ensure they stay on top of this, and the increasing demands of the Data Protection Act. It's your responsibility, not the supplier's.
Myth 4: Hackers only target big businesses
High profile hacks may make the headlines, but hackers don't only target big business.
According to Symantec, small businesses are increasingly being targeted by hackers. The reason is that while they may have access to more information going after big boys, targeting SMEs is often more profitable as their security is weaker.
What this means is that business of all sizes need to stay on top of their security. There's nowhere to hide.
Myth 5: You can just ban BYOD
Bring your own device (BYOD) is one of the biggest opportunities for the cloud, but is also a huge threat. Many organisations prefer to bury their head in the sand and ban BYOD - but that doesn't work.
Employees may be the weakest link in the chain for security, according to GCHQ, but using our own devices - phones, tablets and computers - to access the cloud isn't likely to stop soon.
There are risks with BYOD, but these can be managed. It's clear that a ban is the wrong approach and just isn't practical.
Cloud computing is here and - despite these and many other myths - is a safe, reliable and efficient way to organise your IT infrastructure. There are risks, but there are rewards too for businesses of all sizes.
Copyright © 2016 IT solutions specialist Principal.