Brought to you by AVG Technologies, the provider of Internet and mobile security, privacy and optimization to 150 million active users. There’s nothing small about small business in our eyes. Get more information how AVG can help your small business stay protected – go to http://www.avg.com/us-en/internet-security-business
6 Steps To Staying Safe In The Cloud and Steps Ahead of Hackers
The cloud has become a magnificent tool that small businesses have been leveraging for years. It has provided the small entrepreneur with the possibility of wielding the same amount of computing power and capabilities of a larger corporate entity. In short, the whole concept of cloud computing has become a great boom to all business owners, allowing them to do things they previously couldn’t fathom doing.
Even though the cloud has become a highly convenient tool for all sorts of things, it’s still an arena where you should exercise extreme caution. It’s not uncommon for a major cloud provider to get compromised, spilling tons of customer data into the hands of malicious people. Even worse, internal compromise could seriously damage your company.
To fight the war against internal and external threats, there are a couple of things you should keep in mind:
- Do a Google search with the term “hacked” after the name of the service you are considering (or currently) using. If you find an article relevant to the service being hacked (from a credible news source), then you should steer clear from it unless the article mentions they’ve made drastic adjustments to the way they conduct their security.
- Is everything they store encrypted? Where does the decryption take place? Ask your cloud service provider these questions! If encryption happens locally (on your computer), you’ll have less chances of compromise.
- Do not share one account between employees. It’s tempting, since many of these services may charge per-user fees. If possible, purchase two user accounts: one for you, and one for your employees. Every time you off-board an employee, then change the employee account password. This is a form of jerry-rigging, though, and doesn’t count as a best practice. The best way to stay safe on the cloud is to have one account for each person or use a single sign-on (SSO) solution. Each employee would have one SSO account, all of them would be using the same cloud account to log in, but they wouldn’t know the password since it’s managed on the SSO’s end.
- Run as many cloud solutions in-house (i.e. running your own private cloud) as you can, if possible. This is not only for regulatory reasons, but also for the security and integrity of your data. If a public cloud service is hacked, you’ll be immune, since all your data is in-house, not on their servers. Although in-house private cloud computing presents certain advantages, you still bear the full responsibility of keeping the server secure. That means installing anti-malware and putting it behind a decent firewall!
- Avoid using the same password for each service. SSO helps here. Using the same password for everything will guarantee that one day you’ll have all your data compromised.
- If you have regulations to comply to (PCI DSS, SOX, HIPAA, etc.), then you must make sure that the services you pick are compliant with those regulations. Otherwise, you could be hit with nasty fines!
Security in the cloud is a growing issue and hackers don’t make it any easier. They will always find a way around new technologies, so it’s important to stay one step ahead. Ignore anyone who tells you that the cloud is a 100% safe solution. Many prominent services have already experienced major compromises, making it important to tread carefully.