When a network of infected IoT gadgets like routers, DVR machines and closed-circuit TVs can take down hardened, well-provisioned Internet giants like Twitter, Spotify and Amazon – as happened in 2016 – you can be forgiven for thinking twice before moving your data to the cloud.
Yes, a move to the cloud can yield big payoffs in terms of cost savings, increased efficiency, greater flexibility, collaboration for your workforce and more. Yet there are risks, and it would be naive to think otherwise. Your choices about whether and how to use cloud technology in your network merits serious consideration.
So, just what is “the cloud”?
As you likely know, instead of constantly buying new equipment and software, cloud computing allows you to pay for just what you need. Just as with a utility company, you get software and storage on a monthly basis, with no long-term contracts. Chances are, most of the software you now use is cloud-based. You simply access it on a pay-as-you-go basis.
Similarly, you can store data in the cloud, where it can be easily accessed when you need it. This reduces the need to buy and manage your own backup gear and software, thus reducing overhead. Yet, as with any major decision, it’s critical to be aware of both the benefits and potential pitfalls of putting your company’s data in the cloud.
There are three major advantages offered by cloud computing:
- Flexibility. Scaling up or down can be done without major investment or leaving excess capacity idle. It also enables your entire workforce to get more done, where and when they need to.
- Collaboration. With data and software in a shared cloud environment, staff can collaborate from anywhere. Everything from HR to accounting, and from operations to sales and customer relations, can be managed from diverse and mobile environments, giving your team greater power to collaborate effectively.
- Disaster Recovery. Typically, data stored in the cloud can be easily retrieved in the event of a disaster. It also augments local backup and recovery systems, adding protective redundancy.
While the cloud offers obvious benefits, it also increases your company’s potential “attack surface” for cybercriminals. By spreading your communications and access to data beyond on-site servers that are presumatly protected by a safe “firewall,” your network could be more exposed to security concerns. The good news is that many of them can be addressed with three best practices:
- Social Engineering Awareness. Whether you go cloud or local, the weakest link in your network is not in your equipment or software — it’s the people who use them. Cybercriminals are aware of this fact. And you can count on them to come up with an endless variety of ways to exploit it. One day it’s a phone call ostensibly from your IT department requesting sensitive data, the next it’s an e-mail that looks official but contains malicious links. Make sure your employees are aware of and trained to deal with these vulnerabilities.
- Password Security and Activity Monitoring. Maintaining login security is absolutely critical any time you’re in a cloud environment. Train your staff in how to create secure passwords and implement two-factor authentication whenever possible. Take advantage of monitoring tools that can alert you to suspicious logins, unauthorized file transfers and other potentially damaging activity
- Anti-Malware/Antivirus Solutions. Malicious software allows criminals to obtain user data, security credentials and sensitive information without the knowledge of the user. Not only that, some purported anti-malware software on the market is actually malware in disguise. Keep verifiable anti-malware software in place throughout your network at all times, and train your employees in how to work with it.