New research published this week by SecureData, an independent IT security service provider entitled: Are you being served? How can Security as a Service serve you? highlights that 78 per cent of IT managers in UK companies claim that a lack of trust in security is the biggest barrier to the adoption of cloud technologies. For managers in large businesses, (more than 3,000 employees) this figure rises to 82 per cent.
Trust and security are understandably big considerations for any company moving their IT into the cloud. Outsourcing confidential data to a third party is big step particularly when it has always been managed in house and only accessible to employees.
However, cloud computing can be completely secure if businesses opt for a private and managed cloud computing service and are careful when choosing their provider. Here is my short guide on ensuring the cloud is sound.
So how can companies dispel security issues?
Work with an accredited and trusted cloud computing service provider with a good reputation amongst its customers.
Opt for a privately managed cloud computing service, such as a Desktop as a Service (DaaS), where all data is professionally managed and stored in a secure UK datacentre behind corporate grade firewalls. Popular cloud based services such as Gmail, icloud and dropbox are free, but there are risks involved as people who use them won’t know where their data is held. If it is held for instance in the USA, the data may come may come under the jurisdiction of US authorities.
Earlier this year the Information Commissioner’s Office issued clear guidelines to businesses stating that they are responsible for their data wherever it is held. Organisations must know where their data is located and take responsibility for its security – consumer cloud services are therefore not suitable.
Check your provider has relevant accreditations such as ISO 9001 and ISO 27001 and is happy to provide references that you can follow up with their clients. Accreditations are important as it shows the provider understands and can demonstrate the highest levels of security.
Fully understand how cloud computing works and the value it could bring to your business so you can weigh up the benefits versus the costs. Some of the benefits could include reduced IT costs, eradicating the need for in-house servers and an IT department, and greater workforce flexibility – allowing employees to log onto office systems wherever they are.
Once a company has adopted cloud computing they are typically operating in an environment which is more secure than the previous local server set-up. It is the provider’s responsibility to ensure they have the latest security software and firewalls and they are much more likely to keep everything up to date than an internal IT department.
In the past year or so, the growing trend of employees bringing different gadgets into the workplace has made it more challenging for companies to manage how employees access company data and move between their personal and corporate devices without compromising data security. However, if a company adopts a hosted desktop service based on cloud computing these issues are solved as data isn’t stored on any devices so people can access corporate data from any device and even if their device is lost or stolen it wouldn’t matter as the data would be held securely in the cloud and not accessible to a stranger.
Businesses should remember too that security threats are not always external and make sure they have audit trails in place in case of employees’ breaching confidence.
Some offices are also at risk from physical threats such as burglary or flooding. With a reliable DaaS provider, the physical location will be in a resilient and top security environment with constant backups and a disaster recovery solution to ensure data is always protected and it can be business as usual at all times.
By following these guidelines and choosing the right provider, justified security fears should actually be a catalyst for joining the cloud.
David Sturges, Chief Commercial Officer at WorkPlaceLive
