Is Your Cloud Provider Keeping Your Data Safe?
Companies across business sectors continue to move data to be stored on cloud services, rather than use in-house datacenters. Cost, speed, global scalability, productivity, performance and reliability are six of the most common reasons a cloud system works more efficiently.
The benefits of cloud services are:
● Redundancy: The data is usually stored in three different places at the same time, so it would take three separate hard drive failures (including your local machine) to lose your data.
● Security: Your biggest threat to security is within your local machine and how you secure your passwords. Only you can access those files, unless you leave them open to vulnerability.
Of course, the security of the stored data is front-of-mind for informed decision-makers. So, what are the big three tech giants doing to keep your information safe and secure?
Microsoft cloud infrastructure: OneDrive and Azure
Encryption at rest is available on OneDrive, but only for business users. While data is encrypted in transit using SSL it remains unencrypted at rest. If you are a user of OneDrive for Business, Microsoft uses per-file encryption which encrypts files individually each with a unique key; so if a key was compromised it would only access one individual file rather than the whole store.
All OneDrive users do get access to two-step verification, which further protects the login.
Azure starts security with the program known as their Security Development Lifecycle (SDL). The SDL addresses security at every development phase and continually updates Azure to make it even more secure.
Operational Security Assurance (OSA) uses the knowledge and processes from the SDL program to supply a framework that helps provide secure operations throughout the lifecycle of cloud-based services.
The Azure Security Center makes Azure the only public cloud platform to offer continuous security-health monitoring.
Microsoft also offers a technical breakdown of services compared to Amazon Web Services (AWS).
Amazon cloud: Amazon Web Services (AWS)
(From Amazon’s security page about AWS)
“AWS offers you the ability to add an additional layer of security to your data at rest in the cloud, providing scalable encryption features. This includes:
● Data encryption capabilities available in AWS storage and database services, such as EBS, S3, Glacier, Oracle RDS, SQL Server RDS, and Redshift
● Key management options, including AWS Key Management Service, allowing you to choose whether to have AWS manage the encryption keys or enable you to keep complete control over your keys
● Encrypted message queues for the transmission of sensitive data using server-side encryption (SSE) for Amazon SQS
● Dedicated, hardware-based cryptographic key storage using AWS CloudHSM, allowing you to satisfy compliance requirements
In addition, AWS provides APIs for you to integrate encryption and data protection with any of the services you develop or deploy in an AWS environment.”
Google cloud: Google Drive
After the 2015 password scare, Google now uses HTTPS on all its services, and also implements ‘internal measures’ to look out for potential compromised account login activity.
Google offers two-step verification, and with the data itself, it’s encrypted in transit (to and from your device, and also between Google data centers) using SSL but is stored at rest using 128-bit AES.
Cloud storage is safer than you think
Cloud storage is much more secure than many consumers (and even some business owners) believe. For more information about security, read this perspective from John L. Miller, who worked on several distributed and cloud storage services and holds a Ph.D. in distributed systems.
If you have concerns about multifactor authentication or cybersecurity for your business, contact us for a free consultation.
Cyber Security Technologies provides enterprise solutions and technology consulting in cybersecurity, systems integration, engineering development and product support. We also deliver application customization and consultation services to businesses for cross-platform integration of the patented RecordVault product or technology incorporating software-based multifactor authentication (MFA).
Photo Credit: via photopin (license)