Cloud Computing, Data Storage, and Security

The Cloud is More Secure than On-Premise for Keeping and Sharing Data

Cloud-based software is undoubtedly becoming more and more prevalent in today’s world. However, when asked about it, many are hesitant to trust and use it. Those who are hesitant to extend their use of it often don’t realize how much they’ve already come to rely on it though. When reminded how much they are already relying on the cloud now via their trusty smartphones they pause and admit yes, they are using the cloud more than they realized and they actually do trust it. Trusted apps that save time and money and extend convenience is enough to make them believers. Thank you smart phones!

 

This rise in smartphone technology has sparked a discourse on extending the merits of cloud technology further into business. We are seeing a large number of small to medium businesses (SMB), and mid-market size businesses weighing out if the cloud is as good as their existing on-premise systems. Many have solid IT infrastructure, good talented people, and the resources to consider transitioning to the cloud but are also apprehensive about the possible risks. Risks such as the possibility of liability and lack of control can create some anxiety.  When assessing risk though, it is important to remember that on-premise can and has been breached in recent years, and valuable information stolen. Two big examples of this are the Target and Home Depot security breaches. Here we’ve seen two very large companies with all the resources, staff, and large IT budgets they needed and they were still breached. The fear is that if these companies couldn’t keep their data secure, how much more successful would a small to medium sized business be in safeguarding data on their own?

Very good cloud vendors, who specialize in nothing but data security, can offer a much higher level of data center security than most organizations, large or small, can build and maintain on their own. 

One of the most well respected and trusted cloud vendors, Amazon Web Services, has prepared and put top-level security management standards. They use a dedicated hardware security model (HSM), allowing them to meet corporate, contractual, and regulatory compliance standards. These standards allow them to pass security audits that many smaller organizations have not considered.  Standards like the international ISO 27001:2013, a security management standard that specifies security management best practices. This is widely recognized as the international security standard for data storage. Most enterprises should have a substantial interest in organizations that meet this standard because of its robust requirements. ISO 27001:2013 evaluates security risks and vulnerabilities, then implements controls and risk management initiatives to architect the system capable of defending against possible breaches, risks, and attacks. This helps ensure safety and risk management on an ongoing basis. (See more: https://aws.amazon.com/compliance/iso-27001-faqs/).

 

Because document security and confidentiality is so important to us here at Concord Worldwide, we have chosen Amazon Web Services, or AWS as our web services partner. AWS has been independently audited by Ernst and Young for these security protocols and measures and found to be extremely robust: “We have examined management’s assertion that Amazon Web Services, Inc. (AWS), during the period April 1, 2015 through September 30, 2015, maintained effective controls to provide reasonable assurance that: · the Amazon Web Services System was protected against unauthorized access, use, or modification · the Amazon Web Services System was available for operation and use, as committed or agreed.”(See more: https://d0.awsstatic.com/whitepapers/compliance/soc3_amazon_web_services.pdf).

 

It is important to have a critical eye in evaluating your own team’s time and IT security knowledge. In an age where information is more valuable than ever, it may be through partnering for joint responsibility of your cloud strategy that you will avoid major infractions and minimize risk.  Make sure your cloud applications are compatible with the best cloud infrastructure in terms of login credentials, authentication, and data encryption.  “The more frequently your application vendor and cloud vendor have worked together, the less likely it is that there will be gaps.” http://www.infor.com/content/industry-insights/security-of-cloud-vs-on-permise-deployments.pdf/

 

As you decide how you will administer your network and keep your data secure, consider Concord worldwide as your cloud partner for your companies most important contracts and documents when compliance, security, and authentication through e-signature capture is your goal. We are the world’s best contract success platform. Please ask us how we can help.[/vc_column_text][/vc_column][/vc_row]