Inside the Briefcase
Prevent Hurricane Fear From Churning Up Stormy Clouds
August 3, 2015 No CommentsFeatured article by Marcel Florez, Senior Vice President, Cloud Practice at N3
On July 8, the New York Stock Exchange abruptly came to a screeching halt, United Airlines grounded its flights, and the Wall Street Journal’s website went dark. You might think cloud providers let out sighs of relief when it was determined the cloud had nothing to do with these disruptions. In fact, it was quickly determined that no security breaches or attacks were involved. They were all just coincidental glitches.
But the reality is cloud vendors never had anything to worry about. They may have been bracing themselves for a public relations blitz and some industry spokespeople probably began practicing their talking points, but the experts who understand cloud technology and security knew from the start there was no way these problems originated from remote data centers.
It’s a bias the cloud industry has grown accustomed to. The fear of what might happen to anything that you can’t directly protect yourself is rooted in real human psychology; ask any parent what it feels like the first time they watch a beloved child board a bus to be whisked away to school. Most companies feel the same responsibility over their data, exemplifying the innate human response that nobody can care for or protect something as well as they can.
Although cloud technology has seen explosive growth, with more than 79% of all U.S. enterprise executives adopting some form of cloud storage or computing[1], security fears continue to rise. A recent survey of 200 cloud services business development representatives at N3, who speak to cloud customers and prospects every day, showed that security is the top concern companies have when it comes to remote data storage. For now, the rewards of migrating to the cloud outweigh the perceived risks, but what happens if that perception grows?
Slaying misconceptions about security in the cloud is vital to its continued success.
Fear 1: Hackers will steal or erase data stored in the cloud. While it is true that the sheer amount of data stored on cloud servers could make them attractive targets to data thieves looking for a mother load, this threat is more than countered by the round-the-clock security systems and teams constantly monitoring data centers for suspicious access. Professionally run data centers employ much more robust security than any enterprise alone could, making data at least as safe in the cloud as it is on local servers. Most people understand valuables are less likely to be stolen from bank safe deposit boxes than private homes, and the same principle applies here.
Fear 2: Too many people have physical access to servers at data centers. Data centers are purposely built in desolate places, with as few people as possible physically on-site. Modern servers are sealed in impenetrable enclosures before they are ever turned on and remotely wiped before they are disposed of, performing their duties in virtual vacuums. Thus, an engineer standing right next to a server at a data center has zero physical access to any of the information stored on the machine. In contrast, many businesses have low, or even no physical security protocols for their on-site servers. Some don’t even lock the doors to their server rooms and there is often little to prevent anyone from walking in and accessing data.
Fear 3: Authorized users can navigate to unauthorized data in the cloud. Separating access to sensitive information through login information in the cloud is performed the same exact way it is on-site; the servers use active directories which provide each user with the correct level of access. Many cloud platform providers take this a step further by offering reporting services so companies can see every user who asks for access and where the request is physically originating. Users have no easier access to unauthorized data in the cloud than they do on local servers.
Fear 4: Cloud servers do not adhere to the compliance guidelines I must follow. Companies working with sensitive data like credit card transactions or medical records must follow strict industry regulations like PCI or HIPAA. Falling out of compliance has huge consequences and can result in loss of licensure, effectively put these companies out of business. While it is definitely worth asking whether a cloud provider is able to comply with a niche standard or protocol, all the major players have long histories of adhering to the guidelines of industries like banking, healthcare, and credit card processing.
There is no doubt security is an enormous concern in modern computing and nobody wants to be the subject of a data breach headline. However, the biggest things companies can do to protect themselves are secure data by encrypting it and securing their websites. Whether data is stored on local servers or in the cloud makes no material difference to how secure it is, but cloud services often come with enhanced security features. Further, the money saved by utilizing cloud solutions can be reinvested to patch security holes where they are the most vulnerable for a net increase in overall data security.
Marcel Florez is Senior Vice President, Cloud Practice at leading sales execution firm N3, where he serves as the worldwide lead in managing sales generation for Microsoft cloud solutions. With more than nine years of experience in technology sales, marketing, and consulting, he integrates digital, voice, and social media channels to generate measurable revenue growth. Florez holds a Bachelor of Business Administration in Finance and Master of Business Administration in Entrepreneurship.
