The cloud has changed the way companies do business by opening up a whole new world of collaboration and productivity. Nowadays, we could probably not live without it.
But, despite all the benefits, small- to medium-sized businesses (SMBs) are still suspicious. 61% of SMBs believe their organisation’s data is unsafe in the cloud. They feel that their data is less secure and prone to leaking. This is understandable, trusting a third party with your sensitive data feels risky because you’re not in control of it anymore.
Let’s see the specific issues SMBs have with data in the cloud and what they can do about it.
Unauthorized access is hard to detect
One of the biggest cloud security concerns today is the detection of unauthorized access to sensitive files and folders.
With data stored on on-premises file servers, businesses are assured that the data is ‘relatively’ secure from unauthorized use because of the need to be physically present in the office to access these files.
With employees and third-party partners using VPNs, which allow access outside of the office, data remains relatively secure because access can be restricted to specific devices only.
With cloud-based storage, the chance of unauthorized access has seriously increased — causing major security concerns for IT teams who are struggling to detect misuse.
Without the right access controls in place, if an employee’s login credentials were to fall into the wrong hands, an attacker could, in theory, gain access to sensitive files and folders from anywhere in the world using any device.
One in five (21%) said they keep their most sensitive data stored on on-premises infrastructure because they don’t trust its security in the cloud. Businesses are worried that the information will end up in the wrong hands because they don’t have visibility of who is accessing these files.
Data theft from leaving employees is hard to stop
Security teams are having a hard time trying to stop employees who are leaving your organization from stealing sensitive company files before they leave.
Spotting someone who is attempting to steal sensitive information is much easier with on-premise storage because the information is stored on the physical desktop computer.
With cloud-based storage, date can be accessed from anywhere in the world, using any device (even personal devices), so it becomes much easier for ex-employees to steal information before they leave and harder to spot it.
Complex hybrid storage environments is hard to manage
This issue is inherently linked to the first two — and one can argue that complex hybrid environments make the other two issues much worse.
Many businesses have a hybrid storage environments these days — a mix of cloud storage providers and a mix of on-premises servers. While this approach helps employees become more productive, it also makes managing the security of the data stored across multiple environments very challenging.
Each cloud provider has a different way of managing security, and without actively monitoring access to each platform on an ongoing basis, it’s difficult to detect any malicious activity and halt data theft. Indeed, 56% of SMBs say that it’s difficult managing the security of data living in hybrid infrastructures.
What can SMBs do about it?
If you want to ensure your data is protected (whether in the cloud or on a mixture of on-premise and cloud), you need to invest in technology that proactively tracks, audits and reports on all access to files and folders, and alerts IT teams on suspicious file activity the moment it occurs.
With a solution in place that provides a unique and consistent view of the security of your data across all your storage servers — whether on-premises or on a third-party cloud system — you can rest assured that if someone other than an authorized employee attempts to access your data, you’ll be the first to know about it and therefore, you’ll be able to do something about it.
François Amigorena is the founder and CEO of IS Decisions, and an expert commentator on cybersecurity issues.