Cloud Security: How Resellers can Help
Confounding its severest critics, cloud computing has weathered the test of time.
The cloud’s durability – even in an era of escalating threats – has gone hand-in-hand with its entry into the business mainstream as companies recognize the tangible benefits that it offers. Adoption rates are off the charts with spending on public cloud infrastructure hardware and software expected to climb from $38 billion this year to $173 billion by 2026.
The reality is that, despite fears that it is not secure, 90% of enterprises in the United States now use the cloud – and 52% of small and medium-sized businesses use the cloud – for storage. However, most organizations admit they still have mixed feelings regarding security.
This complicated reality offers an opportunity for savvy cloud resellers to guide clients – especially given that many SMBs and smaller companies may need advice on how to safeguard their cloud applications and data.
Cloud Security Checklist
Data nowadays is not just dispersed on clouds. It’s also accessed from a variety of devices – laptops, tablets, smartphones and even the Internet of Things. And as companies let their employees access e-mail, databases, and store documents via the cloud, it also presents new targets for malicious hackers.
So when resellers review their clients’ cloud security strategy, the security solution ought to fit the client’s larger business goals as well as their appetite for risk. A strong cloud defense rests upon a strong security foundation, but there are a lot of moving parts to consider in its construction.
- Start with a discussion of the actual cloud-migration goals and an assessment of the current IT infrastructure. Figure out the technical requirements of the data migration as well as the cost.
- Find out how many cloud apps, sanctioned or otherwise, are going to be involved and put a plan in place to monitor and control the use of unsanctioned cloud apps and accounts. So-called Shadow IT deployments can compromise a company’s security by connecting unauthorized products to the cloud.
- Design an incident response plan that lays out individual responsibilities and steps to guide the organization during what promises to be an otherwise chaotic period.
- Put in place a data backup and recovery plan and test it regularly to identify gaps. As the great college basketball coach John Wooden famously said, failing to plan is the same as planning to fail.
- Choose suppliers carefully. Weed out companies that fail to bake in security to their products.
- Keep close tabs on user access rights and modify them as employee roles change. Disgruntled employees can use their insider knowledge to steal or corrupt data so access control is essential.
- Check whether current IT staffing is sufficiently skilled to handle the migration and the follow-up security maintenance. Embarking on a cloud migration without the right personnel by your side is a good way to invite disaster.
- Make sure your cloud apps are compliant with regulatory requirements and make sure you’re aware of any legal or regulatory requirements. Organizations need to be in sync with regulatory guidelines governing what kind of data can get stored on the cloud.
- Use encryption to protect valuable data stored in the cloud. In case of a breach, any unencrypted data is ripe for theft and misuse.
- Find a distribution partner who is well versed in cloud solutions. Knowledgeable distributors can augment the resellers’ technical team, provide sales and training support and help provide efficiencies of scale.
There’s no one silver bullet when it comes to cloud security. But a well-conceived layered defense can reduce the risk of data breaches and help mitigate the damage in case of a compromise.
This article is sponsored by Westcon-Comstor.