These days, the cloud is everywhere. And that’s (mostly) a good thing: if you’re working from home — or have anyone on your team accessing your business systems remotely — then you’re most likely already relying on the cloud in numerous ways. Work flows better when everyone can access what they need from anywhere.
Still, you might be leery of a broader move to the cloud. Sure, maybe it’s good for occasional file sharing or storage, and maybe a provider like Microsoft already convinced you to move email to the cloud (probably without all that clear an explanation what was happening).
But is the cloud really secure?
The short answer is yes— but that doesn’t mean you’re necessarily safe.
Here are some things you should know.
The Cloud Itself Is Very Secure
Let’s cut the mystery out once and for all: when people talk about “the cloud,” what they really mean is “someone else’s servers.”
So those applications and services that used to run on your PC or on your server down in the basement? When you switch to the cloud, now they run on someone else’s servers.
You may be thinking, now what’s the value in that? Aren’t my servers safer than someone else’s?
Actually, no— not when that someone else is Google or Amazon or Microsoft (or any other massive company that puts its reputation on the line like this).
Google and its peers will always be better, faster, stronger, more resourced, and further on the bleeding edge of what’s possible. And when you move to the cloud, all the stuff you move there now resides on their servers— with their security, redundancy, and reliability.
When you look at it that way, the cloud may just be safer than that server in the basement. All it takes is one flood or fire (or criminal who gains physical access) and your basement server is toast. That kind of thing doesn’t happen with Google, who usually hosts multiple redundant copies of everything in multiple data centers.
The Biggest Weaknesses of the Cloud
Even though the cloud is generally very secure, it has quite a few weaknesses that you need to know about so you can protect your business from them.
Credential Loss or Theft
First up is something we’ve blogged about a lot: your employees’ credentials.
The old username-plus-password system just isn’t very good. And when you put all your apps and files in the cloud, all of the sudden a stolen set of credentials becomes a much bigger deal. Now it’s not just someone who gains physical access to a company system you have to worry about. Anyone, anywhere, anytime, who gets the right set of credentials can gain access to whatever that person had access to.
And with people working remote and at odd hours, this kind of cybercriminal access can be hard to detect.
Human error also plays a role. To be honest, sometimes the cloud can be a bit confusing. If you’ve ever shared a file on Google Drive or tried to do the same with Microsoft OneDrive, you might know what we mean. Some things work like the file folder system we’re used to, and some things don’t. It’s relatively easy to end up giving access to the wrong people or to do work in a file you didn’t know was public.
You might even delete a file that you thought was yours, only to discover it was a shared file someone else needed!
The Good News: These Are Fixable
The good news is that, in most cases and with most services, these weaknesses can be overcome. Multifactor authentication stops 99.9% of illegitimate sign-ins, so you’ll want to implement that right away.
As the passkey system continues to roll out, that might be a good option for systems that adopt it.
And a lot of those human-error problems can be solved, either by training or by better governance and implementation policies.
So— is the cloud secure? Yes. But the ways your people access and use the cloud? Those might need some work.
If so, we can help. Call or email us today!
[Dive deeper into a professional’s guide to cloud cybersecurity with this month’s guide!]