6 Security Red Flags When Identifying the Perfect Cloud Storage Solution

May 6, 2016 | Backup, Cloud, Cloud Services, Security, Servers, Storage

For a long time, the cloud was considered the “wave of the future.” But the future has arrived. A great cloud storage solution not only allows your employees access to files anytime, anywhere—it also makes it simple to sync files, work on the go and share and coauthor documents with ease. But more than 50 percent of organizations find cloud storage to be the riskiest cloud app category.

A big reason for that? Security threats. Despite all the data out there showing the cloud to be just as or more secure as on-premises storage, security remains the top barrier to cloud adoption, according to the Cloud Security Alliance. That’s why cloud security is one of the top concerns for providers—and why they spend so much capital making sure their products are secure. In fact, by 2019, the global cloud security market alone will have reached an estimated $8.71 billion.

Still, not all cloud storage providers are created equal, especially when it comes to security. Even though it’s important to get a “good deal” on your enterprise cloud solution, it’s more important to ensure the security of your data. When researching cloud storage providers, be on the lookout for those that exhibit the following red flags—and avoid them like the plague:

[list style=”bullet”][li]No solid reputation—In this business, like many others, reputation is key. If a no-name company is offering a great price, make sure to investigate testimonials, recent downtime, experience, breadth of services, etc. before signing a contract. Also, remember that a smaller company might not have the capacity to manage your load, give your organization the attention you need or even be in business in five years’ time.[/li][li]Non-HTTPS site—An HTTPS site is essential for proper security, because it secures any requests for personal information, such as forms. In addition, sites not encrypted with HTTPS allow for easy interception of login credentials. If your login credentials are discovered, hackers can access your files, steal your data and do a lot of internal damage.[/li][li]Other security protocols missing—Any decent enterprise cloud storage provider will offer certain protocols, including encryption, which ensures the only people who can access your company’s data are those with proper login credentials. You’ll want a high level of encryption, such that your data won’t be compromised by prying eyes even if the cloud storage provider comes under legal action.[/li][li]Weak privacy statement—When comparing online cloud storage providers, ask yourself, “How committed are they to protecting my data?” Find a service with a strong privacy statement, one that doesn’t give permission for that service to browse your files. Some are more stringent than others. Determine what is acceptable for your organization’s needs and choose wisely.[/li][li]No mention of compliance standards—Meeting compliance standards and obtaining industry certifications demonstrate a provider’s capabilities and offer proof of reliable security. Looking at these certifications and met standards is an objective way of comparing each provider. Examples of compliance standards include ISO 27001, HIPAA, FERPA, FISMA, SSAE 16, PMI and more.[/li][li]Vague service agreements—A cloud storage provider’s service agreements should offer enough transparency that you truly know what you’re getting. A provider should make clear commitments about what security controls it has in place, where data resides and who manages the underlying technology. How can you trust providers to protect your data if they won’t tell you how they plan on doing it?[/li][/list]

There is no one-size-fits-all cloud storage solution. Every organization has different needs, and these needs should be reflected in your choice of an enterprise cloud provider. Whatever your solution and whoever your provider, though, security should remain at the top of your list of considerations.

Recent Posts

The Acronym Soup of Endpoint Security – AV/NGAV/EDR/MDR

The Acronym Soup of Endpoint Security – AV/NGAV/EDR/MDR

Do you ever miss the stories that started “back in my day”? I used to spend weekends at my grandpa’s house helping with chores like mowing the yard or running around the chicken coups. We’d watch black and white western shows on television and then he’d tell me about...

What is and why you need a SIEM/SOC

What is and why you need a SIEM/SOC

Everyday, countless businesses are targeted for attack by malicious hackers. It’s no longer a matter of if. This was highlighted by an experiment run by Sophos, a data security company. Sophos sought to identify how quickly attackers would be able to identify a...

The Modern Digital Warzone

The Modern Digital Warzone

Cybersecurity often shares many comparisons to military and borrows many concepts and terminology from the forces. For example, the Lockheed Martin Cyber Kill Chain is borrowed from a military concept related to the structure of an attack consisting of target...

Do You Secure Your Lawn?

Do You Secure Your Lawn?

Do you secure your lawn? No, I don’t mean from the likes of “Dennis the Menace”, and hopefully you’ve never uttered the phrase “you darn kids get off my lawn!” But believe it or not, there are some similarities between caring for your lawn and cybersecurity....