Cloud synchronization progress bar on laptop screen showing the issues on cloud storage security and how organizations can address them
Cloud Storage Security Issues by François Amigorena, Founder and CEO at IS Decisions

Cloud Storage Security Issues

Cloud storage has been around for many years now, and its use among businesses is on the increase. But how does using the cloud for your storage needs affect the security of your data? 61% of SMBs believe their data in unsafe in the cloud, but why? And what can be done about it?

SMBs are worried about their data in the cloud

While there is no doubt that the cloud brings many benefits, it also brings a number of risks that SMBs are concerned about. They find it risky to trust a third party with their data because they’re not in control of it anymore.

  • Unauthorised access is harder to detect: With data stored on premise, the need to be physically present in the office to access these files creates a natural boundary against unauthorized access from outside the organization. Plus, access can be restricted to specific devices only. With cloud-based storage, data can be accessed from anywhere in the world and on any device, which increases significantly the chance of unauthorised access.
  • Data theft from leaving employees is harder to stop or prevent: For the same reasons as above, it is much easier to spot an employee stealing sensitive information when it’s stored on the physical desktop computer. Cloud storage makes it extremely easy for leaving employees to steal data before they go.
  • Hybrid storage environment is difficult to manage: While using a mixture of on premise and cloud storage increases productivity, it also makes managing the security of the data stored across multiple environments very challenging. According to recent research, 56% of SMBs say that it’s difficult managing the security of data living in hybrid infrastructures.

And the current mentality towards Cloud Storage is not helping

A majority of organisations believe their own data is more valuable than that of their clients, according to the same research. This is very worrying considering third-party and insider breaches are on the rise.

This mentality will worry those that operate with large and complex supply chains given the lack of control over data security once it lives on third-party systems. Moreover, like we said before, many organisations are using a mixture of on-premises and cloud storage systems, and they are struggling to manage the security of data — either their clients’ or their own.

Furthermore, 45% of organisations said that moving to the cloud has damaged their security and 59% believe that the native security controls of common cloud storage providers are not strong enough to protect data. Despite that, 90% are simply relying on the native security of whichever cloud storage provider they’re using and only 10% are using third party cloud file monitoring tool to prevent unauthorised access to sensitive files.

There clearly needs to be a more efficient way to ensure that data in the cloud remains safe. Moving to the cloud does not diminish an organisation’s need to secure access to and usage of file data.

What can organisations do about it?

The mentality of ‘my data is more important than yours’ needs to change. Many organisations share a huge amount of sensitive data with their clients over email and via the cloud — and with supply chain attacks on the rise, all it takes is one mishap from one supplier to compromise your data. Nowadays, organisations consider the cybersecurity of their partners before choosing to work with them. Therefore, it’s vital that organisations can demonstrate that they can keep their clients’ data safe.

The most effective way to ensure that your data is protected whether it’s in the cloud or on a mixture of on-premise and cloud, is to invest in technology that proactively tracks, audits and reports on all access to files and folders and alerts you in real-time and alert IT teams to suspicious file activity the moment it occurs.

If you have a solution in place that provides a consistent view of the security of your data across all your storage servers — whether on-premises or on a third-party cloud system — you can rest assured that if someone other than an authorized employee attempts to access your data, you’ll be the first to know about it and therefore, be able to do something about it.