Businesses have gotten the message: the cloud is the place to be. But in the rush to take advantage of the latest technology, many organizations may be taking costly shortcuts. Sensitive data, left unsecured, may be vulnerable to hackers through backdoor methods, according to a new study from e-Security firm Thales.
The study revealed vast discrepancies in perceived responsibility for data security once a business migrates to the cloud. With SaaS solutions, more than half of respondents believe cloud hosting providers are responsible for security. That responsibility is believed to be shared between the provider and the users in the case of IaaS and PaaS solutions, however.
The biggest flaw in cloud security today is encryption, which is still a tricky area. Businesses like Amazon Web Services give users several options when it comes to encryption, including the service’s Server Side Encryption (SSE) support. However, some services face a challenge in ensuring the encryption is in place in a way that end users are able to see that encryption is happening.
With so many businesses employing multiple cloud services, server encryption may not be enough. When a business chooses a SaaS solution like Salesforce, Gmail, Dropbox, or any number of other cloud solutions, data is stored on the host’s server. This means it isn’t enough to check web and data hosts. A business must now also be concerned about security with instance of cloud software it uses throughout its organization.
What can businesses do? One important first step is to check with each of your solutions providers to learn the encryption available for your files. Additionally, businesses can deploy their own encryption at no charge using one of the tools on the market. A business’s cloud services provider can help steer businesses in the right direction in choosing an additional layer of protection on the device side.