By Dr. Ly Sauer
Director of Research
For most people contemplating storing their data in the cloud, the most prevalent issue is keeping precious data safe and secure, making sure it’s private and will never be corrupted or lost. Creating a secure cloud environment is a complex process, but here at CX, we take every step possible to guarantee your documents are protected and want to dispel any worries those new to the cloud may have. Ensuring your computer data is protected from threats has always required more than just technical solutions, such as administrative, physical and organizational policies, procedures and documentation. The non-technical requirements (e.g., administrative, physical and organizational policies, procedures and documentation) are simpler to satisfy when the data resides on your local computer or on a server controlled by your enterprise. Locality is used to meet many of the non-technical requirements.
Cloud computing changes all of this by removing our dependencies on the locality of our data and requiring us to put trust in a third-party provider – the cloud. Although cloud computing can offer significant cost savings benefits and shorter development life cycles, the service comes with major security risks that exponentially enhance the cyber-security challenges. The challenges include the cloud provider outsourcing data and computer services; access control; trustworthy service metering; multi-tenancy and privacy; and legality.
CX understands these challenges and architects and designs our products to ensure the security requirements are satisfied. As you evaluate potential cloud-based services, keep these security guidelines in mind, and know that at CX, security is our top priority.
1. Secure Data Transfer – The cloud storage service should ensure the data is always traveling on a secure channel and is encrypted and authenticated using industry standard protocols, such as IPsec.
2. Secure Stored Data – The cloud storage service should ensure the data is encrypted, protecting the data from improper disclosure. The data should be encrypted end-to-end – from the moment the data is created to when it is stored. If end-to-end is not possible, make sure it is encrypted before it is stored in the cloud.
3. Access Control – The cloud storage service should ensure improper disclosure of data to unauthorized users is prevented.
4. Data Separation – The cloud storage service should ensure data is guaranteed to be accounted for and separated from other users.
Don’t commit to a cloud storage provider before evaluating it for its security measures. Unsafe clouds may disperse your data to other users or make it inaccessible altogether. For more information on CX’s security protocols, click here.