With the upsurge in ransomware, 57% of technical leaders and decision makers see cloud – and cloud storage in particular – as their second largest area of focus. In an increasingly stringent regulatory environment, not helped by in-house resource and knowledge gaps, Creative CTO, Rob Smith, explains how organisations can evolve their approach to securing data residing in the cloud.
Cloud storage safety: Why it’s important
The vital role of cloud storage security is to protect data from malware, network breaches, human errors, unmanaged attack surfaces, and other cyber threats. The key to success is ensuring complete visibility and policy-based control over how data moves to and from the cloud, ensuring only authorised information leaves the on-prem environment and that access is strictly limited to approved parties.
Unfortunately, bolting down data is not so simple in practice. This year’s Arctic Wolf cybersecurity report confirms nearly a third of organisations list cloud security as their top infrastructure concern with 81% citing vulnerabilities and misconfigurations as the most prevalent weakness.
How to protect cloud data
Today’s digital marketplace feeds on an explosion of data and real time analytics, making it ever harder to keep up with business requests for storage. Rather than continually wrestling with on-prem servers and infrastructure, IT teams are increasingly turning to managed services providers (MSPs) to securely migrate and store their data – in public, private or hybrid clouds.
Taking the Storage-as-a-Service (STaaS) provider route means companies can benefit from the latest cloud storage technologies and security best practices. Savings accrue from not having to oversize storage domains or carry the cost of spare capacity that may remain un-used. STaaS also removes the need for forklift upgrades, ordering and waiting weeks or sometimes months for new hardware to be delivered and configured. It also means that IT teams no longer need to worry about products reaching end of life or end of support – the MSP takes care of such things.
However, there are common misconceptions that surround STaaS, and plenty of confusion around the merits of public versus private cloud, particularly when it comes to costs and risks.
With public cloud, the onus is on the customer to ensure their backup, protection, and security measures are up to scratch, as ultimate responsibility for the data rests with their organisation – not with the cloud provider.
It’s also important to check there are no hidden migration and egress charges. Performance based SSD or memory class storage can be especially expensive. So, it’s vital to classify individual data and locate it on the appropriate tier of storage, as housing and using it have rather different cost profiles.
For example, spinning up data for testing and development can soon become expensive, depending on the computing and network resources needed to access it and, of course, the duration of the service that’s required.
A better alternative is to consider a storage solution that comes with the following measures:
- Two-Factor Authentication (2FA)
Sometimes referred to as two-step verification or dual-factor authentication, 2FA is a security process in which users provide two different authentication factors to verify their identity. MSPs are increasingly using 2FA to protect their users’ credentials from hackers exploiting stolen password databases or running phishing campaigns to obtain user details.
- Cloud encryption (Cloud storage encryption)
Forming a further layer of security, proactive defence platforms encrypt data transmitted to and from cloud-based applications and storage, as well as authorised users in different locations. These tools can also encrypt data on cloud-based storage devices, making it harder to read.
- Security Operations Centre as a Service (SOCaaS)
Complex cloud environments that use disparate security tools from a multitude of vendors – each blocking different attack vectors and not communicating with other solutions – is a recipe for high risk. Not least because it leaves gaps vulnerable to attack. SOCaaS overcomes these problems by enabling companies to rapidly acquire robust defences, without the expense and delay of building those capabilities in-house.
Combining the latest cloud technologies and human expertise, SOCaaS solutions ensure effective real-time threat response, while continuously applying learning to strengthen cyber postures and resilience.
Creative ITC cloud storage security
Clients using our managed service enjoy pay-as-you-go storage benefits, safe in the knowledge their data is protected by essential defences like 2FA and cloud encryption. That also means they don’t have to keep investing in high-spec servers or paying dedicated storage teams to battle with ever-increasing documentation and software updates.
Moreover, by combining our STaaS and SOCaaS solutions, Creative clients rest easier knowing cyberattacks can be quickly contained and effectively stopped in their tracks. As well as continually monitoring threats to stored data, this dual approach also applies learning to further strengthen security policies over time.