The more we all move our critical data to the Cloud the more we need to be conscious of how that data is being protected.
One of the reasons many businesses and charitable organizations move applications and data to the Cloud is to simplify their IT infrastructure. There is a promise of better performance, cost savings and not having to worry about things like data backup and security.
However, just because it’s all supposed to be easy and work perfectly, does not mean you shouldn’t ask a few questions to ensure your data is really safe. Here are four questions we ask when looking at Cloud-based applications.
1. Is it backed up?
This may seem a little silly and very basic but there are some Cloud computing applications and services that do not actually backup your data. The responsibility is on you to back things up. We found this out early with one of our Cloud-hosted applications and have needed to implement a backup ourselves.
2. How is it backed up?
Not all backups are created equal. Many Cloud computing providers will just backup the most recent version of your data and will not retain older backups. This does not effectively protect you from a mistake, software corruption or other issues we see contributing to data loss every day.
Engage your IT partner (we have a suggestion if you don’t have one!) in looking at what backup software is used, how it works and how it will protect you from various scenarios, including disaster recovery. You will also want to know if the data can be replicated back to your office or other location.
Knowing how things are backed up should also include checking the processes in place to ensure backups are working. The most important thing here is regular test restores of the backup.
3. Where is my data?
Do not put your data anywhere unless you understand in clear terms where it lives. Some organizations cannot have their data stored south of the border. Also, in some extreme situations applications and data can be hosted in locations which are not secure and not appropriate for your critical data. Check that it’s in a data centre with heavy security and multiple levels of power and cooling redundancy.
4. How is data transit secured?
One of the biggest vulnerabilities of Cloud computing and data security is when information is being accessed or transferred over the internet. Knowing how this data transit is secured is extremely important as the risk of it being intercepted by hackers is quite high.
There are a number of different ways to secure data transit. Web applications should all be secured by Secure Socket Layer (SSL) which you can see by checking the address of the website you visit – it should start with https://.
Some applications may be accessed through VPN and backup or data replication should always be encrypted with a secure encryption key.