In recent years, there has been a huge movement from storing data the traditional way, as the cloud has grown and become the better answer and option for companies and organizations alike. However, this has also led to a growth in cyber criminals and data breaches now that someone can access sensitive documents from their living room couch. As such, cloud data leaks have become an all too common problem for companies. More and more news has discussed ways to prevent breaches, and you can find a plethora of articles that talk about large and small companies alike being attacked. For this reason, knowing how to prevent a cloud data leak is the first step in keeping your business and information safe. Here are a few of the best and simplest strategies to help you avoid cloud data leaks.
Encrypt Data
This should be a no-brainer. The benefit of encrypting data can be tenfold as hackers need a specific encryption key to actually read the data stored in your cloud. Whether your data is at rest or in motion, it should be encrypted all day, every day. Although we started out with this one, encryption is more often the last defense you have against cyber criminals. At the end of the day, if they can still access your cloud data, with encryption there’s no way they can actually use it.
Change Passwords
You’ve heard it once, you’ll hear it again: be smarter about your passwords. Recent studies have shown that it’s not just a matter of creating a Jackson Pollock of letters and numbers. In fact, the hardest passwords to crack are phrases. Don’t risk your client’s contracts or credit card numbers, your Social Security Number, or your email just because you like to use your wedding anniversary as every password. Shoot for a longer phrase, something silly to help you remember. Also, look into investing in a password program like LastPass that stores all your passwords in a safe place, so you only have to remember one password. LastPass and other password management tools like Dashlane or LogMeOnce can also help you generate hard-to-crack passwords.
Train
Whether you have a small organization or a large institution, training your employees and contractors to be smart about their data use and access is paramount to avoiding cloud data leaks. With so many devices jumping onto Wi-Fi and networks, it’s easy for hackers to sneak onto less secure devices and quickly gain access to your network, servers and cloud. Take the time to educate your employees on what a phishing email looks like, show them how to better generate passwords, and teach them to ditch spreadsheets to store that password info. Don’t assume that top level execs are making the best decisions around sensitive data either, and don’t assume that everyone in your organization knows how to perfectly prevent data leaks. By taking the time to educate employees now, you can save yourself a huge headache down the road (and quite a lot of money, too).
Backup Your Data
Data backup may feel like a “thing of the past” because hello, we have the cloud now, so some might think we don’t need to backup our data anymore. But that’s not true. A lot of data losses and breaches have been caused by physical backup drives being stolen, but that was also a “thing of the past.” Today, companies can use organizations that use the internet to backup, getting rid of the risk of drives or tapes being stolen or lost. Of course, there is the fear that if your cloud data can be hacked, so can these internet backups, but most of these companies have invested in top-notch security protocols. You’re definitely getting what you pay for with them. Check out companies like IDrive, SOS Online backup, or Carbonite among others. Even better, invest in both physical and online backup options so that you'll be protected even if one of your backups fails.
Set Permissions
A huge part of why data leaks happen is because terminated employees still have access or entry-level employees can access exec level data. And most of the time we don’t even realize it. Stay on top of the permission within your networks and servers to make sure only the right people can access the right data. User permissions are actually very easy to set up through your IT department and can be easily tracked and maintained as long as you make it a point to stay on top of personnel changes. Doing so can lower the risk of someone copying and pasting sensitive data and having that get accidentally sent in an email to the wrong person who may not be an a safe network.
About the Author: Rick Delgado is a freelancer tech writer and commentator. He enjoys writing about new technologies and trends, and how they can help us. Rick occasionally writes for several tech companies and industry publications. Editor’s Note: The opinions expressed in this and other guest author articles are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
