Importance of Cloud Data Security
Since 2015 there has been a remarkable increase in the use of cloud based solutions, such as cloud backup, email, project management tools and virtual desktops. In a study conducted by Ponemon Institute, they found on an average modern days businesses are using 27 cloud based applications. – 2018 Global Cloud Data Security Study
As per the study cloud data security ranked at #5 out of the 9 criteria of what businesses look for before selecting a particular cloud based solutions. Efficiency and Cost were placed as 1st two criterias, which seems to be a fair while considering a solution for your business. But in the current digital age it is moreover important to factor in security along with these top criteria.
Let me take you through a scenario where a business chooses a low cost unsecured cloud based solutions.
Consider the data that you are going to store on your cloud based solution. According to the Ponemon study, primary types of data stored in the cloud are customer information (59%), email (49%), consumer data (47%), employee records (38%) and payment information (39%).
Say you have opted for a solution and the above mentioned data has been stored on to the cloud.
As per the Office of the Privacy Commissioner of Canada (OPC), the data you saved, travels over the Internet and gets stored in remote locations. In addition, cloud providers often serve multiple customers simultaneously. All of this may raise the scale of exposure to possible breaches, both accidental and deliberate.
In case of a cyber attack, the unsecure cloud will not be able to prevent you from stopping or avoiding the breach. The trust your customers and employees had is now hampered, which might result in big loss to the business.
Apart from this, the business failed to follow the Government Regulations. Under Personal Information Protection and Electronic Documents Act (PIPEDA), Canada’s private sector privacy legislation, an organization that collects personal information is accountable for the data collected even when such data is outsourced for processing to third-party providers – an example of which is a cloud provider. Under the Digital Privacy Act, a law that amended PIPEDA (still not in force in the absence of “Regulations”) states that organizations could face fines of up to $100,000 for failing to inform the affected individuals and the Privacy Commissioner about data breach.
Another law that demands cloud data security is the General Data Protection Regulation (GDPR) – a European Union (EU) law that’s set to be implemented this coming May 25th. While GDPR is mainly an EU law, it has an “extra-territorial” scope, which means that even if your organization isn’t based in the EU, your organization is still covered under this law if your organization processes personal data of EU residents. The maximum fine under GDPR is 4% of the annual global turnover or €20 million, whichever is higher.
At GigE, we understand that most of the businesses might not have the expertise to select the right cloud based solution for their needs. That’s where our experienced IT professionals can help businesses. Call +1 (888) 366-4443 today to find which cloud based solution is the best for your type of business.