Businesses are increasingly adopting the cloud, as seen by McAfee’s Building Trust in a Cloudy Sky: The State of Cloud Adoption and Security report.
It found that 93 per cent of organisations use the cloud in some form. The report also found that 74 per cent of businesses store some or all of their sensitive data in public clouds.
However, the report also revealed that 49 per cent of those businesses that responded to the survey reported that they had “slowed their cloud adoption due to a lack of cyber security skills”.
So what can businesses do to ensure they keeping themselves as secure as possible when it comes to the cloud?
Mobile device management
Businesses that let their employees work remotely will likely be very familiar with the cloud. They will also have to be aware of how to keep themselves – and their customers – secure.
When employees work away from a central office, the cloud tends to be the preferred way of storing data. It allows colleagues to access the same information and collaborate more easily on projects. However, it could also pose potential security risks.
Your business will need to ensure it is protecting these workers’ devices from any threats. A good way to begin securing your employees is by implementing mobile device management (MDM). This gives businesses control and visibility over the mobile devices connecting to the network, whether they are owned by the company or the employee as part of a Bring Your Own Device scheme (BYOD).
Stay away from public WiFi
There are other steps businesses must take if they allow their employees to work remotely. In particular, they should ensure that workers are not connecting to public WiFi networks.
This is illustrated by the recently discovered Krack vulnerability. Although device manufacturers have been rolling out updates to patch the security flaw, it still represents a significant threat to sensitive information.
However, this is not the only reason companies should be wary of connecting to public networks. Accessing them makes it possible for hackers to infect the devices being used, which can mean that business networks are then infected with malware. This can result in sensitive information being accessed, as well as viruses being transmitted. These can scramble data, making it impossible for businesses to carry out their work.
Passwords to protect
In order to give your business the best chance to protect its cloud-stored data, encryption is advised by most tech leaders. Using software to equip a file with a password will make it a lot more difficult for the wrong people to get hold of your information.
However, passwords are often an Achilles heel for many businesses. According to the Verizon Data Breach Investigations Report (DBIR), “81 per cent of hacking-related breaches leveraged either stolen and/or weak passwords”.
Inc.com advises organisations that “the most secure passwords incorporate several characteristics to deter hackers, including lower- and upper-case letters, numbers, and special symbols”, adding that they “should also include ten or more characters”.
Being clear on BYOD
When companies do let their employees use their own devices to carry out work, they need to ensure they are being clear about where the limits are and what sort of information is allowed to be stored on personal devices.
Enterprise data should be kept separate from any personal information kept on an employee’s mobile device. It could be advisable to set out in a contract what sort of information is allowed to be held on a personal device.
The information your company deems sensitive will largely depend on the type of industry it operates in, as well as what function it serves. For example, some companies may not even want employees to access email accounts on their devices, as 66 per cent of malware was installed via malicious email attachments, the Verizon DBIR revealed.
Whatever tactics a company chooses to employ in order to keep its cloud-based data secure, it must ensure it is keeping this issue at the forefront of its digital strategy. Businesses can be devastated if their sensitive information falls into the wrong hands, so it is vital to keep up with what is happening in the field of security.