Do I need to worry about security of cloud-based systems we use?
If you’re using cloud services in your business, you can gain some great security benefits from this. It’s important to remember though that the cloud isn’t some magical thing. It’s essentially someone else computer, infrastructure or application depending on what cloud services you are using. The security of the cloud really depends on your approach to it. If you’re of the belief that moving data or systems to the cloud in and of itself makes you secure, then you should start with our “Myths and misconceptions” article.
There are several security potential benefits to moving to the cloud. Cloud providers invest heavily in physical security of the data-centres, and many have great security technology in place, along with dedicated security teams, pro-active monitoring and robust continuity plans. Not ALL cloud solutions out the same level of effort into security however.
Also, and really importantly – most cloud providers operate what is called a “shared security model”. This means that they are responsible for some aspects of security, and you are responsible for others. Take user accounts and passwords for example. If you create a user account and password to access systems, and then share it amongst several employees, that constitutes a key security risk that the cloud provider can’t be expected to take responsibility for.
Helpfully, many of the main providers will publish “Security Best Practices” to help you understand where your responsibilities lie and how you can maximise security and minimise risk. Even then however, many organisations don’t have the resources to interpret and action these best practices.
If you’ve already move to the cloud or are thinking of doing so, and need help understanding or implementing security best practices, take a look at our Cloud Security Assessment service, or book a call with one of our specialists if you want to find out more.