Cloud Computing Demands Good Security Practices

By Casey Houser
Contributing Writer

When users think of cloud computing, they may associate it with data being located in a remote server, or they may consider its allowance of remote access to software or databases. Although those elements come with adoption of the cloud, it also comes with something arguably more important: a changing face of data security.

A recent article at Entrepreneur.com comments on the big shift from traditional to cloud computing. It says that companies used to be burdened with employing their own IT staff to keep watch on local servers. Cloud computing threw that notion out the window because cloud hosts complete all the server purchases and maintenance. However, they also act as the bearers of security because they have access to all the data that passes through their machines.

How can companies in search of convenience and security make sure they have both?

First, Entrepreneur notes, companies must do their homework. It claims that not all service providers are equal because not all of them obtain the certifications necessary to show that they measure up to the highest security standards. If a cloud host has gained certification in ISO, AICPA, the Security Alliance, or PCI (News - Alert) – just to name a few – they showcase that they are serious about the protections they take to safeguard customer information.

From there, customers must take the helm. Businesses can help secure their own digital lives by adopting strong password practices such as using single sign-on in addition to two-factor authentication. This will force employees to be thorough in their first login of the day but will also allow them the freedom to use many applications that are associated with a single login. Companies that enforce the use of password managers can also improve their security by placing password creation into the hands of the computer, which can generate random strings for passkeys.

Businesses should also assign account administrators who can manage access to a company’s cloud service. This individual or select group can control access and make sure that individual applications are wrapped in monitoring services. Applications can only be as safe as the people who access them, so it will also be necessary for admins to have the power to de-authorize any person who leaves the admin group or who leaves the company. Those sorts of quality checks can prevent unintended access from any current or former employee.

Finally, in addition to keeping abreast of company staff changes, admins should also be sure to keep pace with software updates. Often, vendors will release updates with security patches, so hackers cannot so easily break into the applications in question. Unless admins complete those updates, companies cannot take advantage of the increased security. Regular update schedules become an integral component that works alongside account management and access tracking – all to keep business data as safe as possible.