In this post, you’ll learn about the second of three distinct areas of security risks of cloud computing. Guess what, data? What is the first cloud security risk? Access. You may have protections for the first risk. But how much have you thought about the second risk?
What if there is a problem with the data you store?
Common data security risks of cloud computing
- Your employees could improperly disclose your info. Imagine one of them accidentally sends an email containing confidential info like credit card or social security numbers. You would never want that to happen.
- Your application could give out harmful data, or imagine it sharing phishing links or malware. A total nightmare!
- Or, your data is stored somewhere (where it shouldn’t be stored) without proper security protocols in place.
[ Read also: Top 10 Cloud Computing Companies In 2021 ]
You must know what kind of data you store and where it’s located. You must be sure that you don’t store personally identifiable information (PII) that you should not store in the first place. In case your data is compromised, it could lead to serious consequences (financial penalties, reputational damage, etc).
And even if you store sensitive information (as many companies today do), if you can’t find where you stored it, that is a great problem as well.
Below are the potential points of failure that surface data security risks of cloud computing:
Loose access to data
Usually what you should be concerned here is about the people who have access to machines. For example, a compromised employee accessing data they shouldn’t. You should always stick to the “least privilege” principle so that you grant minimum necessary permissions only to access specific resources.
Bad data being stored
You should know what kind of data your systems store. Are you sure that there is nothing bad with your data like you’ve not received any bad data or stored illegal data? If the data coming into your system is junk, then even if every other component of data security is working as normal, the system still won’t function as intended. Sometimes unsanitized data can even be used to exploit a system to further compromise the application.
[ Read also: Top 5: Cloud Computing Books To Read In 2021 ]
Bad data transfer or storage
What about something bad with the transfer or storage of your data? For example, not being able to find where data is stored. This can result in a potential data loss whether because it never got stored, or because it got lost once it was. Either way, the end result is that the data you think you stored and now need can’t be retrieved.
Data storage devices
Even if you’ve taken care of the above points what if there is something bad with the system/machine that stores the data? Like it containing malware, or if its security was compromised. In this case, even though the data is stored correctly, it might be leaked or accessed by the wrong people.
Luckily most of the cloud providers today help you to take steps to protect your data through
- robust identity and access management (IAM) to maintain fine-grained access control to your cloud (data) resources (e.g. Google Cloud IAM),
- encryption to make sure at-rest and in-transit data cannot be read even if stolen,
- comprehensive logging and monitoring to track who is accessing what in your system (e.g. Google Cloud Logging & Monitoring),
- organizational policies to proactively set rules on who can access what data and where it is stored to protect your resources (e.g. Google Organizational Policy Service),
- and well-protected machines (e.g. VMs) and associated management tools to make sure machines you use are 100% secure.