The elements of cybersecurity hygiene and secure networks -- Part 2
The blackhat hackers are evolving as quickly as technology is. To protect their sensitive information, companies can put documents in a public cloud. Why the public cloud? While it might seem that public cloud solutions are less reliable than traditional IT platforms, the reality is that they’re actually more secure. With the cloud, a company’s security team is able to monitor network audit logs more closely to detect any abnormalities. Furthermore, audit data can be easily centralized without having to navigate through inconvenient firewall interfaces and other closed proprietary systems. These components are essential for improving security procedures.
The public cloud also allows for more thorough security analyses after an audit. Cloud data analysis systems allow the audit data to be inspected in a more efficient, cost-effective way. These systems take in large quantities of information and are available whenever they’re needed. Real-time monitoring and automated alerts also allow for an immediate response in the event of a security breach. This can dramatically reduce the impact of security incidents and help pinpoint areas that need to be addressed.
Automated File Permissions
To prevent accidental data exposure, companies should automate sharing permissions. Automated permissions ensure that sensitive data is only accessible to the appropriate people. Human error can often lead to vulnerabilities in security and compliance. On the other hand, automated access permissions use workflows to securely control your content. Automation also reduces the amount of manual work, saving your employees time. With this approach, you don’t have to worry about a user forgetting to set permissions on a file. You can also utilize monitoring tools that send out alerts if a file is shared with someone that shouldn’t have access.
Companies that don’t leverage automated document controls and permissions put their data at risk. For example, an Amazon Web Services (AWS) S3 cloud storage bucket exposed sensitive, internal information from GoDaddy, Verizon, and DowJones. This occurred due to a configuration error in the bucket’s permission settings, which have to be changed manually. Automated permissions can prevent these kinds of devastating leaks that hurt both companies and their customers.
Access to Information
There are a growing number of business tools available in the public cloud that allow it to address almost every organizations’ business needs. These tools increase productivity by allowing real-time collaboration between multiple users to reduce miscommunication. Gone are the days of employees needing to repeat tedious tasks to share records or make changes to a document. The new capabilities of the cloud simplify the process while still keeping information protected.
By centralizing information in the cloud, companies can also eliminate email attachments. One big disadvantage of email attachments is that they open up documents to unauthorized modifications. This can lead to confusion as multiple versions of the same document are saved in different locations. Attachments can even expose information to any network vulnerabilities found on the recipient’s device. When all work is done on a single document in the cloud, companies can more effectively manage the collaboration process.
The impact of the loss or theft of personal devices can also be minimized with cloud technology. The possibility of losing a device only increases when you’re traveling or running between appointments. A survey of the top seven airports in the United States found that a little over 8,000 devices were left behind over the year. A missing phone or laptop not only means that your information is gone but also that it’s at risk of being misused. Fortunately, cloud technology has made personal computers and phones disposable. If your device is stolen, you can revoke its access to your files with the cloud’s advanced security features. The data that’s wiped from the device will still exist in the cloud and can be recovered and loaded onto a new device in just a few minutes.
Centralizing information also means that data doesn’t need to be stored on local devices anymore. USB keys, for example, are major security hazards. These devices can easily be lost or stolen, potentially leaving your data in the hands of a stranger. In late 2017, a USB stick was found on a London street with highly confidential Heathrow Airport data, including detailed security and anti-terror measures. Furthermore, people often use free USB devices they’ve received from events or conferences, which could have been intentionally infected with viruses. A security event in Taiwan recently awarded quiz winners USB sticks that contained malware that was designed to steal personal information. The cloud’s security helps prevent these incidents and provides a convenient location that can store and pull up all your documents at a moment’s notice.
Stéphane Donzé is the founder and CEO of AODocs, a software company he created from the idea that the enterprise's need for compliance and efficient processes is not contradictory with good user experience. Prior to founding AODocs, he was VP of Engineering at Exalead, a leading enterprise search company. After Exalead was acquired by Dassault Systèmes in 2010, he relocated to California from Paris as VP of Product Strategy. Stéphane has a master's degree in software engineering from Ecole Polytechnique in France (X96). With 18 years of experience in enterprise software, he is passionate about user experience across an organization.