Add Home Depot and Kmart to the recent list of major businesses, including Target and JPMorgan Chase, that have suffered serious data breaches. But as a small business, you don’t need to worry, right?
Wrong. In fact, small businesses are increasingly attractive targets for cyber-attacks, but those attacks don’t get the same headlines as the ones on major corporations. According to a Verizon study of 19 global companies, 31 percent of data breaches in 2012 happened to businesses that had fewer than 100 employees, with another nine percent from companies employing between 101 and 1,000 people.
Related Article: Is Your Small Business Vulnerable to Security Threats?
Cloud services are certainly an economical and efficient means to store data, and service providers strive to provide the highest security. Indeed, most cloud service providers have greater physical and financial resources to protect your data than your own internal IT infrastructure. But, as we’ve seen all too frequently lately, nothing is 100 percent foolproof. Here’s what you can do to make sure your company’s data on the cloud as secure as possible.
1. Check out the security measures of your cloud services provider.
Encryption is essential, both locally on your own computer and at the provider’s servers. There are a variety of encryption standards, and distinguishing between them can get overly technical and confusing. In general, though, look for AES-256 encryption, RSA 2048 for signatures and shared folders, and SHA-256 for security checks. Another common standard is SSL (Secure Sockets Layer) and SSE (Streaming SIMD Extensions). Certain industries such as healthcare must satisfy certain security requirements for data storage—ensure your cloud provider is in complete compliance.
2. Back-up your data from the cloud on a daily basis.
Small businesses are frequently noted for inadequate backup of data. Should your data ever be compromised, a back-up helps you determine exactly what and who has been subject to a security breach. While many cloud services offer automatic data backups, in many cases the backup is limited to the most recent copy, which may be inadequate in the case of a major security breach, when you’d need to recover information past yesterday’s backup.
3. Keep internal systems updated.
The gateway to your cloud data is your internal IT system. Application and software providers continually issue patches to improve the security of their systems. In most cases, you can set applications to update automatically and eliminate the chance of human forgetfulness. Install virus protection on all devices and set the virus protection to update automatically.
4. Set a strict employee usage policy for the cloud.
Your cloud data is only as secure as the users who can access it, since users can unwittingly provide a means for hackers to gain entry. Restrict the use of social media and non-work related websites on company devices. Only permit authorized administrators to install new software. In many cases, it might be a good idea to disable use of USB drives to copy company data for all but authorized users. Require strong password protection; change passwords frequently.