When it comes to security, many business people carry a pre-disposition against the cloud as a location for system functionality and data. Perhaps it is a reaction to giving our hard-won, proprietary and often confidential data to some external pair of hands, perhaps it is a knee-jerk reaction to the frequently reported data breaches, either way, the best decision is an informed decision.
Someone recently said, looking up at the sky “there are no clouds, only Linux servers”, and they are not that far off base. The cloud is just another term for a huge collection of external servers that house and run solutions and storage, accessed remotely by users. That would suggest that not all cloud applications or cloud service providers are equal.
From a business perspective, I can tell you I usually prefer cloud-based options in today’s world. First, solutions for payroll, accounting, and basic spreadsheet and word processing applications are putting much more money into their cloud-based applications than they are into their installed solutions. Second, as a centralized service, they can price more competitively while ensuring updated patching and release management across all clients. And third, as a part of my disaster and business continuity planning, having direct access to our systems via any secure internet connection reduces the planning I need to do internally.
From a technical perspective, some of the features that make cloud-based solutions and stored data secure include:
Cloud-based solutions usually store multiple copies of each piece of data. There are many cloud back-up service providers for additional redundancy, with automatic back-up features that remove the element of human error, where someone forgot to back-up the system or the back-up is stored in the same location as the live data.
It is still incumbent on you to ensure you stick to a robust password policy and update your own internal security policies and procedures. Cloud providers generally publish their security policies, so rather than trying to create your own and then implement them on-site or at a data center, you can review the published policies and ask for clarification where necessary.
Granting access to information no longer requires making a copy, emailing confidential data, or risking the information in a potentially unreliable thumb drive. Setting up an additional user and configuring access unique to that user is a relatively standard feature and as long as the solution uses at least two-factor authentication for access, it provides a much safer and more reliable means of sharing data.
When considering a move to the cloud, either to a SaaS-based application or moving your proprietary solution to the cloud, some critical considerations include planning the migration both on the technical side and with respect to processes and procedures to take advantage of the benefit and reduce the impact of differences between legacy systems and the cloud-based environment. Hiring the right advisor can be the
difference between a successful migration or installation, or complete failure.
In short, this is a great time to consider moving to cloud-based applications and storage, while workforces around the world are finding better ways of staying connected with their home-based teams. In the end, you will likely end up with better security than you had before.