For the first time, the World Hosting Days event is coming to the United States. With their headquarters in Germany where they’ve held over 10 years of successful conferences, WHD is the world’s largest series of events for the hosting and cloud services market.
WHD will cover emerging visions and concerns that the hosting and cloud industry face. Of the top industry concerns, security warrants significant attention. Many experts are talking of the security risks that the cloud presents as the cloud becomes the preferred method of data storage.
According to the Cloud Security Alliance’s 2015 State of the Cloud Survey, 82% of enterprises have a hybrid cloud strategy, up 74% from 2014. Furthermore, 88% of enterprises are using public cloud while only 63% of enterprises are using private cloud. This rapid adoption of cloud services has led many experts to be skeptical of the security infrastructures currently in place and the capacity that the cloud has to efficiently secure data.
In addition to cloud storage and cloud software platforms, the emerging IoT market—where all data is stored in the cloud—is igniting new conversations about the security infrastructures in place for the cloud. The TechNavio report of 2015 estimates that the number of connected devices will grow to exceed 17 billion in the next 5 years. With the immense range of devices included in the IoT market, the risks for security breaches extend far beyond identity theft and begin to affect health and public safety for individuals and communities.
While many experts will argue that the cloud presents more security risks than on-premises data storage, the big recent hacks suggest otherwise. A recent article by TechCrunch points out that the hacks at ANTHEM, Sony, JPMorgan, and Target all involved on-premises hardware. While cloud solutions have been criticized for posing great security threats, most cloud companies have a unique focus on security that other data storage companies do not. In many cases these cloud companies are aware of best practices for Internet security and are equipped to provide top-grade security. According to TechCrunch, the cloud might actually be your best security bet.
Whether you’re of the mindset that cloud solutions are improving or complicating web security, there are a few precautions that every cloud user should be aware of.
Only trust cloud services with top-level encryption. Updated versions of TLS (namely 1.2 and higher) will indicate that a cloud platform has the potential to encrypt all data. Services like Certificate Inspector allow you to scan your enterprise endpoints or third-party service providers to ensure proper encryption is in place and vulnerabilities are addressed. Utilize two-factor authentication. Requiring two-factor authentication for all users accessing sensitive cloud data is a way to increase security with cloud applications. By using something you know (a strong password) and something you have (an OTP app on your phone or other device), the authentication process becomes much stronger. Ensure device security. Cloud computing creates mobile access to data that would otherwise be physically protected. The mobility of cloud data requires clearly defined mobile device usage policies in order to protect against human error and negligent data access.