It is not surprising that security remains one of the top concerns surrounding a move to a cloud computing environment. According to a recent survey by CloudPassage, 53% of organizations see security concerns as the largest barrier to cloud adoption. And an identical percentage (53%) of businesses see unauthorized access through misuse of employee credentials and improper access controls as the single biggest threat to cloud security.
Despite these concerns, another survey of U.K. organizations reported that while 70% of them have cloud security concerns, 99% have never experienced a security breach.
It is important therefore to realize that in many ways, cloud computing is a more secure means of accessing and storing data. Just because your server is onsite doesn’t make it more secure; in fact, most small to medium businesses can’t justify the cost of securing their network the way a cloud provider can and most security breaches occur due to human error.
If one of your employees downloads a file that contains a virus, or if they don’t use secure passwords, or they simply e-mail confidential information out to people who shouldn’t see it, the security of your system has been compromised.
Other security breaches occur in on-site networks because the company hasn’t adequately maintained their in-house network with security updates, software patches, and up-to-date anti-virus software. That’s a far more common way for networks to become compromised than a cloud provider getting hacked.
How can you prevent this from happening to you? By definition, cloud hosting involves several users sharing virtual space. To ensure that no other user can access your information without permission, it has to be properly encrypted. Make sure your data is in capable hands by looking for SAS 70 Type II certification, which ensures that the controls put in place by your provider are accurate, suitable, and effective.
To mitigate risks to your data, when choosing your cloud hosting provider, ask whether or not they can verify the security of their network and infrastructure. Without proper oversight, a company’s data can become compromised due to improper security measures.