As cloud computing platforms and offerings continue to mature, more businesses are seriously considering the cloud as a viable option for their mission-critical IT applications. As is often the case, consumers have already been there, done that with online banking, healthcare, and retail transactions and services leading to hundreds of millions of users now storing data in the cloud. Following the NSA leak last month, however, many are starting to question cloud security.
In a recent article I read titled, “How Can The Cloud Protect us From Identity Theft?” the author does a nice job summing up three ways the cloud actually makes our data more secure than if we stored it elsewhere. Here is a short summary of the main points:
- Advanced Encryption Protocols. Some cloud providers use data encryption that meets military-grade standards. I also covered this topic in last month’s CloudTalk blog, in an article titled, “Will The NSA’s PRISM Scandal Put Your Cloud Sales On Hold?” In the article, I made the point that “even if a cloud provider had a highly intelligent rogue employee who was able to bypass the provider’s video surveillance and internal security systems and steal data (highly unlikely), or if they were required to turn over data to the NSA, if the data on the cloud servers was encrypted, the data would be unreadable.”
- Paper Documents Are Harder To Secure Than you Think. This is a really good point that’s easy to overlook: One of the most common ways identity thieves get access to personal information isn’t the Internet, it’s through paper documents that either aren’t kept in a safe place, or they’re discarded documents that aren’t properly shredded.
- Access to Backup. Have you ever been in another country and had your wallet/purse stolen? If you have copies of your driver’s license, credit cards, and other important documents stored in the cloud, all you need is Internet access to verify your identity and cancel your cards. Reacting quickly is an important key to minimizing the damages from identity theft.
One additional point I made in last month’s blog was the fact that SSAE 16-audited data centers have better security than most businesses, including better physical security (and surveillance) surrounding the data center. While there’s no data storage strategy that’s 100% fail-safe, when you compare cloud security to the strategy used by the majority of cloud opponents, the cloud is far more often the clear winner.