The Most Prevalent (and Perhaps Costly) Cloud Security Myth
By Bryan Ward
I recently came across a article on Cloud Myth: It’s Not as Secure as Your Own Server in Inc. It talks about the myth that storing data in the cloud is not as secure as storing it on your own server. This myth has been around as long as the concept of “the cloud”. The author of the article refutes the myth (as we have on this blog many times before) and draws a comparison between storing data online and banking online saying that storing your data locally is equivalent to storing your money in your mattress.
Obviously a cloud service provider like Salesforce would be “the bank” in this metaphor. If you store your data with them, you benefit from the resources and expertise that they dedicate to keeping your data safe and backing it up in case of catastrophe.
Threats to online data are ever present and, as a result, Salesforce and other big cloud-based services have to be industry leaders in data security in a way that an individual who has a day job could never do.
The reality, however–and where the online banking metaphor starts to fall apart–is that even if you don’t store your data in the cloud and you store it on a local machine or even a local network, you’re compromising your data the instant you connect to the internet. And when hackers, disaster, and accidents start to compromise your data, they’re going to face much less resistance than they would if your data was in the cloud.
Email may be the biggest security gap. Emails sent on nearly every platform are unencrypted and, if intercepted, any data contained in an email is compromised. Think of how many times your employees email sensitive data in the form of attachments and spreadsheets assuming that its secure simply because you need a password to access your email. But if you do something as insignificant as make a typo in the address line, that data goes to some other country. Its the virtual equivalent of mailing your bank an envelope full of cash to be deposited.
In this light, storing your data in the cloud and exchanging data only through secure encrypted means isn’t just as secure as storing it and exchanging it yourself–its a requirement. Especially for clients in our industry which can be heavily regulated and where compromised data can be disastrous.