Any true business leader understands that their 2 greatest assets are their team and their data. Therefore, it’s paramount that their data is kept safe from prying eyes. Most business would be cautious about letting their sensitive data being seen by all of their staff, but this risk would generally be a lot lower than if the data was to be leaked out to the general domain.
In 2014 we saw a few public cases where this happened and caused damage to the reputation of some well-known brands – Apple, and Sony.
The point I am getting at, is that no matter how small or large your organisation is, your data is very important to keep safe and the damage of data theft to your brand can be huge, and for some businesses they may never recover.
I have personally witnessed this way too many times, when I have been consulting for companies and I find that although they talk about security, what they actually do in practice is far from it. This varies from sharing passwords around, storing them in unprotected text or excel files – or straight out just writing them down in a diary that are left on the users’ desk.
So, how does this relate to security in the cloud? It’s quite simple. At the end of the day, when it comes down to any form of security, the weakest link will always break. In many cases although data is stored in a secure location such as Dropbox or Google Drive, the key to the wealth of data is not protected. Organisations of all sizes really need to be diligent about security of their data when its internal, as when that data is put into the cloud, the door to accessing your data just became very public. So a weak password will be compromised very, very quickly and before you know it your private data is no longer private.
Most cloud storage providers offer to have your data encrypted on their infrastructure which means that even they cannot see what your data is. This is definitely a good option to take as you never know who is working for them. The key to your privacy in the cloud is actually borne by you and your team through a strong security policy. Work with your MSP to design and implement a security policy, then ensure it’s enforced.