How to Keep Your Customers Safe in the Cloud
In 2015, a new threshold was reached when a sophisticated attack ring successfully breached more than 100 banks across 30 countries with losses estimated to exceed $1 billion.
The recent MPN blog introduces the Security Practice Development Playbook, which can help you rise to the challenge of providing a more secure cloud experience for your customers.
Questions? Feedback? Post them here!
Re: How to Keep Your Customers Safe in the Cloud
Keeping client data secure is becoming increasingly important for professionals and freelancers.
It is essential to put limits on employee access to client information. Computers and servers with password protection will ensure this, but remember to change passwords and access rights when members of staff leave your company - particularly if you store data in the cloud. This will make sure any disgruntled ex-employees cannot access, steal or delete your clients' private data. Make sure passwords are obscure enough that they cannot be guessed, incorporating symbols and numbers. As well as company policies for collecting, storing and using sensitive data, you should also have policies in place for purging outdated or old information.
2. Security software
You can never have too much security protection; hackers are constantly on the search for easy targets and are finding new ways of accessing information. If you have multi-layered security software in place, it will be much harder and more time-consuming for them to reach sensitive data. Firewalls and anti-virus protection on all devices used by your firm will help with this. You should also employ encryption protocols to make it difficult for them to view the data if they do breach your security - by scrambling the information, encryption software is able to make sensitive data unreadable to anybody without the decryption password.
According to Kaspersky, more than 200,000 new malicious programs are detected and blocked by their software every day. This gives an idea of the fast-moving nature of malware. Although it can be time consuming, it's imperative that not only security software, but also operating systems, are updated regularly to protect against the most recent malware. This goes for all devices - desktops, laptops, tablets and smartphones.
4. Remote wiping
Firms are moving towards using mobile devices as part of their daily activities, and this presents a new range of risks. Having a laptop stolen or leaving a tablet on public transport could see sensitive client data fall in the wrong hands. Remote wiping software can delete this data and potentially stop this issue. Apple offer users a remote wipe function as standard (provided devices are signed up to iCloud) and Google offer a similar solution via the Google Apps Device Policy app.
5. Choose a reliable cloud provider
If you store much of your client's data on the cloud, make sure you choose a reputable and secure solution. Google and Apple both offer leading security for their cloud solutions, and you can purchase more storage when necessary. If you would prefer to keep your data on your own private servers, choose a well known hosting provider or, if you have the budget to do so, consider hiring an IT consultant who can provide you with some options.