I’ll be honest. One of my biggest concerns about converting my business to run on the Cloud was the security of my information. And lest you think I’m unduly concerned, you should know that I used to work in computer forensics. My background in retrieving information that people most definitely didn’t want recovered has taught me one lasting lesson: absolutely everything you do on your computer leaves a record – even if you try to eradicate it.
So I know a thing or two about how information is stored, recovered, shared, and protected. I knew that data security was a potential problem when I moved all of my apps and programs to the Cloud. It turns out that if you’re going to work on the Cloud, your information is vulnerable – simple as that. What you can do, though, is take some steps to protect your valuable files.
First, for files you store online, consider encrypting or encapsulating particularly sensitive information. It turns out that one of the biggest companies for online storage was opening files in order to extract information for a preview function. Dropbox neither asked nor disclosed that user files were being accessed, but when a few users employed a program that notified them when files were opened, the practice came to light. Now Dropbox didn’t have an ulterior motive, but clients who thought their materials were completely private and inaccessible were, well, wrong. Encrypted and encapsulated files are safer.
But even if you take steps to protect the information you store online, what about your personal device when you’re accessing those files? Even if you take the smart step of password protecting your computer, if you walk away while you’re signed in, the documents you’ve opened – or the sites you’ve saved passwords for – are vulnerable. Make sure you take steps to protect the individual devices used by you and your staff when you access sensitive information.
Another big vulnerability arises when we access information stored on the Cloud while we’re using public wi-fi. You stop, grab a latte at Starbucks, and you check an email, review and edit a proposal from a colleague, and you get back on the road. The problem is if you’re not taking practical steps like disabling automatic file sharing or using a VPN (Virtual Private Network,) then you’re making it far easier for unscrupulous folks to access your data via a shared, public network.
The last really big hole in your cloud defenses is your email, and that’s no small thing. We correspond about sensitive information every day, and here’s the thing about email: you can practice good password hygiene – changing it regularly, not using your dog’s name or your birthday – but there’s no foolproof way to ensure that email is secure both on your end, and on your recipient’s end. You should be careful about your email security, but here’s the best advice I can give: never, ever put anything in an email that you wouldn’t want plastered on a billboard. It’s simply impossible to protect everything from everyone, whether it’s someone inside our outside your company. Where there’s a will, there’s a way.
Now don’t take all of these warnings and recommendations as another excuse to delay converting your business to run on the Cloud. The Cloud’s not going away, and in fact, it’s more common and more useful every day. Best practice is to go in with your eyes open and with a plan to protect the information that’s most vulnerable and most valuable.