Is the Cloud Secure?

Cloud computing is seen as the future of IT, but concerns regarding its security remain. A case in point is the Freedom Healthcare Staffing leak.

Compromised data is always associated with various dangers and problems, but these are always magnified when the data at risk is personal. And the employees of Freedom Healthcare Staffing (FHS) now know what this feels like. Around 957,000 private records were found to be readily available to anyone with an internet connection. These records included drug test records, recruitment details and in-house communications among more technical networking details. Not only were these records available, but the opportunity to edit and delete this data was also an option.

As more and more organizations are moving towards cloud computing, it’s important to understand where FHS went wrong. Let’s see what we can find out.

What Happened with FHS?

The unsecured data at FHS was compromised for one reason and one reason only: negligence. The folder, which contained close to a million records, was on a publicly available drive and had no password protection. Therefore any web browser, such as Chrome or Firefox, could access the data without providing any administration credentials. To make matters worse, the technical data that was visible in this folder provided an opportunity for hackers to delve even deeper into the FHS network. After a security researcher from Security Discovery analyzed this compromised database they informed FHS and all records were quickly secured.

 

Why is Cloud Security So Lax?

Cloud storage is a relatively recent development in IT, so it should come as no surprise that there are teething problems with the technology. But this doesn’t mean data should be left unsecured. Unfortunately, many consumers feel as though the responsibility of their data security should lie purely with the cloud provider. This approach, as FHS discovered, can be highly dangerous. You only have to take a look at the attacks taking place on cloud based data to understand why.

Organizations need to adopt a shared responsibility mindset in order to protect their cloud. And this should incorporate the following:

Enhanced knowledge will, with time, allow us to understand the limitations of cloud security, but as FHS discovered it’s important to take a proactive approach immediately.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


 

Around 77% of businesses work with cloud computing in at least one respect. Clearly it’s an important tool, but what can the cloud do for your business?

Cloud computing has been steadily transforming the way we work for the last decade. And it’s crucial that your business gets on board. We live in competitive times and even the tiniest of edges can have a significant impact on performance. But what can you use the cloud for? And how can it transform your business? These are good questions and ones that you need to know the answers to.

To help you understand how you can harness the power of the cloud we’re going to demonstrate what it can do.

How Can You Use the Cloud?

Despite the complexities behind the infrastructure, cloud computing is a relatively simple concept. The cloud is a digital infrastructure which is available to multiple users over the internet. It’s your existing physical network, but transcribed into binary code. And, thanks to the possibilities of the internet, it can be connected to from anywhere in the world.

Cloud computing has been a revolution in business computing. It’s a methodology which brings a seemingly endless series of benefits to its users. And who wouldn’t want to sign up to that? But what exactly can the cloud do for you? Let’s take a look:

  • Remote Working: Physical space within organizations is a valuable commodity. However, employees take up a lot of physical space. And this can lead to a lack of space for stock and equipment. But the flexibility offered by the cloud solves this problem. As long as an employee has an internet connection they can connect to your infrastructure from wherever they way. This setup grants you the opportunity to maximize the space you have and offer more flexible working conditions to your employees. 
  • Data Storage: A lot of data is currently stored in the cloud and this amount is set to skyrocket over the next few years. It’s a modern phenomenon of data storage and one that is vastly different to past methods. Previously the norm had been to archive endless optical media and record data to huge hard drives. While this provided an immediate source of data for organizations it was all rather fiddly and bulky. Cloud computing consigns this to the past. And it does this by allowing you to store huge amounts of data in remote data centers which is instantly accessible. 
  • Shared Data: We’ve all experienced the pain of a lengthy download time. But now there’s no need to be frustrated. The cloud has seriously updated data sharing for the 21st Now you can back your data up to hard drives on the cloud and provide instant access to whoever needs it. All you need to do is send them a link and the data will be readily available. And, without having to sit through an agonizingly slow download, the recipient can become more productive. 

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


Cloud storage and infrastructure is the way forwards for organizations due to the massive range of benefits it offers, but how secure is your cloud?

Security is the single most important factor when it comes to an organization’s IT operations, so it’s essential that it’s treated with the utmost attention. However, cloud networks are a relatively new platform and, as a result, the level of security knowledge behind these platforms is lacking compared to more traditional networks. Hackers, of course, are keen to this fact and invest substantial time and effort in uncovering security vulnerabilities that they can exploit. Combating this threat, therefore, is paramount to your organization’s security.

As I’ve already stated, cloud networks are a new phenomenon and the wider community generally isn’t as clued up on them as they perhaps should be. And this leads to common mistakes that can cost dearly. However, by taking a look at the biggest cloud security mistakes you can make, you can hopefully avoid them.

Multi-factor Authentication is Vital

Administrative accounts on cloud networks have significantly more privileges than your standard employee’s privileges. Mostly, this is down to the amount of IT knowledge required to carry out these system admin tasks. A non-IT employee simply doesn’t need these privileges. Accordingly, an administrative account is much more attractive to a hacker, so security needs to be tightened. Any cloud platform that understands security risks should have an option for multi-factor authentication, so make sure this is rigorously enforced for all administrative accounts.

Limit the Use of your Admin Account

The root account is the first account you create when you sign up with a cloud provider. It’s a highly privileged account as it contains access to every aspect of your cloud network. If this account is compromised then your entire cloud network is at the mercy of hackers. And this is why you need to limit usage on this account to only the most necessary tasks e.g. do not use the root account for general day to day tasks that put you more at risk of being infected by malware etc.

Check the Encryption Methods

Security moves at a rapid pace and the level of encryption that is now available on cloud networks such as TLS-based encryption is fantastic. Unfortunately, there are also plenty of cloud networks that still operate with less security encryption methods such as the SSL protocol. To minimize the risk of your cloud account becoming compromised, you need to investigate the encryption method used on your network. If it’s even slightly outdated, then it’s time to upgrade.

Restrict the Availability of Sensitive Information

The beauty of cloud storage is that it can be accessed from anywhere, so this opens up your data to a much larger audience if you grant them access to it. While this allows you to collaborate with other organizations and remote employees much more easily than ever before, it also puts your data at risk. Your organization needs to bear this in mind and access controls need to be thoroughly thought through to prevent sensitive data being accessed outside of your organization. Ensure that your employees are aware of the open nature of cloud networks when saving data to such public drives.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


 

Cloud networks are the most important newcomers to storage and networking in a long, long time, but why are cloud networks at risk of being hacked in 2018?

With cloud network revenue set to hit $228 billion in 2019, it’s clear to see that cloud networks have become phenomenally successful and their popularity doesn’t appear to show any signs of slowing down. However, hackers are exceptionally interested in this new slice of digital real estate and, accordingly, are beginning to tailor attacks towards cloud providers. Naturally, new technology is prone to teething issues, but when there’s so much data at risk, it’s understandable that organizations may be a little concerned by the risk of cloud networks being hacked.

Let’s take a look at exactly why there’s a risk of your cloud network being hacked and having all its data compromised.

Hackers Like to Target Big and Sensitive Data

Cloud networks have been readily adopted by many organizations due to the vast benefits they offer, so it should come as no surprise that hackers have followed consumers to the cloud. Organizations are frequently storing entire databases packed full of confidential data which, to a hacker’s eyes, is the ultimate prize. Rather than embarking on time consuming hacking strategies which yield only one employee’s details, hackers are going to go straight to the cloud to obtain as much data as possible.

 

The Cloud Brings New Technology

While organizations are more than aware of firewalls and passwords, cloud networks bring a whole new range of technology that has shifted the goalposts of cyber-security. For example, the cloud is a virtual network rather than a physical network and, accordingly, can’t be treated in the same way as previous technology that organizations have used. New security tools are required to marshal data warehouses in the cloud and, at present, the level of knowledge is, even in many IT professionals, at a naive level.

Human Error is Always an Issue

Employees of any organization that accesses a cloud network are perhaps the biggest threat to cloud security. All it takes is one mistake for a hacker to gain access to your network and, if they access your cloud, this could have catastrophic effects for your organization’s data. As ever, the risk of falling for phishing scams puts the security of your cloud network at risk, but, as covered earlier, the new technology also brings a number of problems to the table such as configuration errors. Amazon, for example, exposed nearly 48 million data profiles earlier this year due to not configuring their cloud correctly.

The Danger of State Sponsored Attacks

Huge organizations that are integral to the running of the country have invested heavily in cloud networks to help store the vast amounts of data that they generate. The result of this is that hackers are continually searching for new and innovative ways to breach cloud security. While their main target may be major corporations, the knowledge that these hackers are gaining means that the ease with which cloud networks can be hacked is increasing. As this knowledge builds and builds, attacks on cloud networks will become easier to execute and more commonplace.

For more ways to secure and optimize your business technology, contact your local IT professionals.

 

Read More


Due to our reliance on data technology, good disaster recovery processes have never been more vital. However, how do you plan for better disaster recovery?

It may be a challenge, but you don’t need to feel apprehensive when trying to tackle this complex problem. And when it comes to disaster recovery, planning is the most important factor. If your IT systems fail then you need to start your recovery process as soon as possible and ensure it’s as effective as it can be. The sooner you can restore normal operations, the less your productivity is affected.

So, if you want to make sure your disaster recovery procedures are finely tuned, make sure you incorporate the following tips. They could be the difference between no IT infrastructure and one that can keep your organization functioning.

Have a Plan

The first step towards having a better disaster recovery plan is to have a plan. Unfortunately, many organizations find themselves too busy to worry about potential disasters and, instead, concentrate purely on the present. While this may help you with your immediate business objectives, it’s not going to help you in the case of an emergency. Therefore, starting work on a disaster recovery plan needs to be sooner rather than later.

Cost isn’t Everything

It’s understandable that budgets are essential when it comes to good business, but disaster recovery plans for IT infrastructure are a little different. Without a fully functioning IT service, it’s unlikely your organization is going to be able to trade at its full potential, if at all. And this is why you need to be careful when looking at the technology and services required for your data recovery. Naturally, you shouldn’t spend an exorbitant amount of money that could cripple your margins, but you also need a data recovery plan which can recover your IT infrastructure quickly and effectively.

Understand Your Recovery Objectives

Key to a good recovery process is understanding what data is crucial and how soon it’s required in the case of a data outage/loss. Objectives, of course, need to be achievable, so don’t burden yourself with unattainable goals such as ‘every worker to have access to emails within 10 minutes of a data disaster’. The best way to test your objectives and measure how attainable they are is through regular testing. This should prepare you for any future scenarios and guarantee that you know how to manage their impact.

Update Your Recovery Plan

If you’re lucky, your organization will manage to operate for a long time without experiencing any data disasters. However, this can lead to a dangerous sense of inertia creeping into your recovery processes. And, as we all know, technology moves at a rapid pace. Software and hardware can be replaced on a yearly basis and these new developments may not chime harmoniously with your existing recovery plan. Accordingly, your disaster recovery plan needs to be regularly reviewed to ensure that it’s current and matches your existing IT landscape.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More