As the recent scandal involving the National Security Agency demonstrates, cyber security is more relevant than ever. While computer companies continue to push the idea of saving and accessing information on the cloud, an important question remains largely unanswered: Just how secure is the cloud?
Understanding Cloud Security
Many businesses and organizations have adopted the cloud as the best solution to constantly rising IT costs and making their data available on-demand from any location. However, there are still data risks involved in accepting storage provided by an outside entity. Many organizations use the cloud for the majority of their data, but most companies keep more than three-quarters of their highly sensitive information in-house for their own protection. This separation in data storage is a rising trend as the question of the cloud’s security continues.
The main issue at the heart of this uncertainty is the varying definition of “the cloud.” When a company puts its information on the cloud, that data could be stored at a high-tech, constantly supervised center, or it could be housed on a server sitting in a barn on a country lot. Most organizations do not know exactly where their sensitive information is going, and that makes them nervous.
The Physical Location of the Cloud
The NSA scandal has brought to light the true importance of the physical location of the cloud. As the global expansion of technology and access to information continues, the locations of data centers must be explored thoroughly and chosen cautiously for the highest level of security. Many obstacles stand in the way of selecting the perfect data center location:
Distance from organization headquarters - Although most companies opt to use the cloud based on cost-saving measures, and the most economical choices are generally on foreign soil, significant distance can be a major obstacle for cloud security. First and foremost, sending data to a distant physical server can drastically slow the speed of data transfer and inhibit the performance of technology, whereas home-based data storage will allow quicker and more efficient access. Secondly, underwater communication cables that are typically employed to connect servers are frequently interrupted by earthquakes, fishing trawlers, and currents; each year more than 50 cables are broken in the Atlantic Ocean alone. These unexpected barriers can cause drops in service that most organizations cannot afford.
Cultural dividers - Logically it makes sense that people would prefer to work with a customer service team of their own culture because they speak the same language, understand their problems, and live in the same time zone. When data servers are placed in distant lands, these similarities actually become cultural dividers that make it more difficult for cloud users and providers to understand each other and to work together.
Legal issues in privacy - When data is stored in a distant country, that data is subject to the laws and regulations of that country and not those of the country that has requested the remote storage. Privacy laws and regulations about data sharing can vary greatly from one country to the next, meaning that some countries may not share the same views about security and could share sensitive information.
Any company or organization interested in cloud security must carefully investigate the country where its data will be physically stored to determine which obstacles could most severely impact the business and its data.
Current Trends in Cloud Security
In addition to the physical location of the cloud servers, there are several trends in managing the data itself. Security teams are working to ensure that the data is kept secure both as it is being accessed and as it is sitting unused. Part of the process of doing this involves many businesses and organizations being more selective in what types of information they collect and store. With an estimated 90 percent of professional organizations storing sensitive material on the cloud by 2019, any personal data that is not required for business is slowly being eliminated so that securing it is no longer necessary. Finally, many cloud servers will just need to begin implementing more security controls and charging fees as part of the storage package. Most organizations will pay for these services as part of creating peace of mind about the security of their data.
Get information on our Cloud Security training class!!