Securing data in the cloud
Businesses must retain total control over their data if they are to be confident using the cloud. As vendors start offering more data security-centric platforms, SMBs will embrace the cloud, say Avinash Advani and Kuber Saraswat
Businesses must retain total control over their data if they are to be confident using the cloud. As vendors start offering more data security-centric platforms, SMBs will embrace the cloud, say Avinash Advani and Kuber Saraswat.
Cloud is the great leveller of our era; it allows organisations of any size to draw on resources of any capacity, for a fraction of the cost and little or no capital expenditure. No wonder today’s SMB market, which is the largest growing segment of business globally, is so readily looking at cloud adoption.With the advent of new work practices to meet the challenge of a dynamic business environment, the physical perimeter of the office is now diluted. Practices like work from home, remote access, and collaborative working with business are forcing businesses to extend their contact points and presence beyond the physical office.
Businesses now expect their information to be immediately available and ready for use. The competitive edge in business today is derived from this speed of access to information. From the point of view of an SMB, the cloud provides them with data storage, scalability, computing power and more at an excellent cost/benefit ratio and saves them the effort of setting up the infrastructure and the resources to manage the same. So what has been preventing mass adoption of cloud by these companies? Some of the common concerns surround the confidentiality, integrity and availability of information in the cloud. Concerns relate to unauthorised data access, data segregation, backup and recovery, and auditing of data access.
It has been found that the many widely used and renowned cloud storage solutions have significant weaknesses, such as no online recycle bins, no automatic removal of local files when they are uploaded into the cloud, no automatic upload of files based on file type, no restriction on what type of device a user can connect from, and essentially no digital rights management functionality at all.
Effective cloud security means adopting a data centric security model, which means that the security is now applied to the data itself. By using this kind of an approach, the control over the data is passed back to the data owner directly. Since the approach works by applying security to the data itself, it also unlocks benefits such as watermarking, secure deletion and data expiry.
With users accessing the cloud over myriad devices, it becomes essential that users and data owners are able to persistently encrypt data with a single click and have the ability to make this data accessible to authorised users on all devices. Such a solution will support confidentiality, integrity, and availability. Sensitive, protected data can be shared with colleagues, customers, suppliers, advisors and partners, while retaining the ability to monitor who does what, when and where. Data centric solutions are normally architected with online secure storage provided by a virtual vault where users can save files, making them accessible through any web browser. Space for each user can be easily managed by a group administrator.
By integrating digital rights management, granular data sharing capabilities can be enabled for users, giving the ability to select who can access data, with what rights and for how long. Since it is a cloud-based solution, it is critical that high grade encryption be used. Care should be taken to select only technologies that deliver high performance throughput, or else it will adversely impact users of small form factor devices. Auditability should be a feature in such a system, so that activities performed on protected files are constantly monitored regardless of where the activities are performed.
Other important aspects of the environment should be the ease of creating, adding, or changing users and their related access rights. Detailed reports about who does what, on which type of device and when with auditing and monitoring capabilities are a necessary feature that will help the owner effectively track their hosted data.
A cloud solution with the above mentioned features will promote secure centralised collaboration. Additional features that can be considered or used through an integration or mashup service can be watermarking, secure streaming, one time passwords and IP restrictions. This would enable organisations to choose how they store and share their information. It can bring together the best of both worlds by allowing SMBs to securely realise the benefits of the cloud and maintain complete control over their data.