You’d think that IT companies know how to handle their cloud storage security. Think again! As it turns out, many providers of cloud storage service don’t use effective security systems to guard their important corporate data. Needless to say, this is a big flaw in the IT&C world; one that appears in need of immediate attention.
Many surveys have now confirmed what we’ve silently been speculating for years: IT couldn’t care less about the security of their internal files. And we’ve now got the numbers to prove it. So what is there to do about this? Should IT companies radically change their inner system if they want to survive? Is there a way about this that isn’t incredibly difficult and time-consuming?
Let’s first take a look at what we know:
What We Know about Cloud Storage Security and IT
Basically, there are two research studies that have looked into how IT manages its clouds. Two surveys were conducted by two very different cloud storage companies to see how companies around the world of IT take care of the important trillions or millions of data files containing sensitive info. The results were shocking, frightening, and somewhat sobering.
Survey Number One
The first survey comes from a company called Ipswitch File Transfer. Of the 555 professionals of the IT market that they questioned, more than three quarters agreed – security is paramount. That’s 76% of survey respondents, roughly 422 men and women, saying that it’s important to secure file transfers. All well and good up to this point. However, here’s the stinker: 61%, about 339 IT geniuses, were working with cloud storage services that either were poorly secured or had none of it.
Does that scare you? It should! Imagine these are the same people dealing with your day to day information on the internet. It’s quite possible that out of all these IT&C specialists, many work not just with sensitive company data, but with sensitive consumer data. Doing the math, the best case scenario that we get is that at least 205, 37%, admit security is important, yet are blatantly indifferent to acting on that principle. Even more alarming is that there are people that think security is unimportant (24%!).
A quarter of respondents also said they have inefficient file transfer policies while another quarter is eagerly planning on securing their file transfer, they say. About 38 percent mention that their risk mitigation teams have been inefficient. And some other really bad news: 32% have never had a file transfer policy while 21% had problems with data breaches, although they didn’t know for sure.
If the data from this survey in any way reflects the IT world as a whole, I think we’d be better off making our own internet on a deserted island… maybe.
Survey Number Two
This one may seem less dire than the previous survey, but it still raises important questions as to the online companies we put our trust in. Clean Out Your Computer Day released on February 8 a survey conducted by Censuswide at the order of Crown Records Management. This survey said that there are no email data retention strategies for about 55% of people in positions of power in IT companies that have a larger population of employees. 58% don’t review their paper documents while 60% don’t review their online documents. 76% have no policy in place to take care of what data they should keep and what they should delete.
However, the staggering part is that 64% don’t have any filter in place for the data they put up in the clouds.
Essentially, the survey drew the conclusion that people think this type of cloud storage security is not that important. These people may or may not think that file safety as a whole is key, but they don’t show it through their policies, many don’t intend to act on this, and a lot have had problems in the past. What should these IT firms do?
First of all, they should implement disaster recovery systems, they should make the time to catalogue their important data, to separate what must go to the cloud and what must stay here on Earth. This is according to Hurwitz & Associates’ principal analyst and vice president, Jean Bozman. She also stresses something obvious: cloud storage is just a phase. Just like any other phase in internet security, cloud security will be mastered before long. There already are a range of companies specialized in internet security that provide primitive cloud storage security.
Here’s the gist of these surveys in a few bite-sized, easy-to-read charts:
Possible Solutions for IT Companies
An IT company looking to up its security will have to run through some very important stages before to make sure its clouds are silver lined, i.e. secure. Some of the following steps are essential, others are experimental, but all are equally good:
- Establishing data filters. A serious company that wants to make serious reform in its cloud storage security must establish data filters: we need to know what goes in and what goes out of the cloud. Some pieces of data must never leave the company’s physical walls.
- Creating a coherent strategy. A cloud storage security strategy must be consistent, it must help the security of important files without reducing worker productivity. Nobody wants to go through 10 security checks before downloading/storing something in the company’s Azure space. With over 10 trillion files in that cloud alone, that may be an impossible task to implement.
- Acquiring a strong antivirus. Local antiviruses still prove their worth even when it comes to cloud storage security. Kaspersky’s version of cloud storage security (implemented into all versions of its software) works intelligently with other Kaspersky Lab programs linked with your cloud so as to provide that extra security you may well need.
- Creating an automated security system. This may be a long way coming but it will arrive. Paul Castiglione of Ipswitch mentions this as companies’ only real choice when it comes to true security. An intelligently designed software will know what files have been accessed by what computers in the company’s network and will be able to block unwanted visitors.