Our Blog

Cloud File Service Security: What You Need to Know

One question I am often asked by those considering our cloud file sharing service (drive2go) or our cloud desktop solution (desktop2go) is, “Is cloud computing secure?” That is not unlike saying, “Is your bank secure?” It is a valid question, but a broad one with an equally broad answer.

Here it is: There is no 100% security guarantee with any data storage, but when you store and share files in the cloud, it is certainly more secure than “traditional” storage methods such as premise based installations managed by in-house staff. That is partially because companies that utilize in-house storage have less of a budget for data security staff, therefore they make less of an investment in it. I would say that most small to medium size business have a false sense of security. I have audited literally thousands of businesses IT infrastructures and seen more gaping holes and improperly configured backups than anything else.

Conversely, a cloud service provider has a big stake in security; in fact, it is the basis of their entire business model. If there is a data breach, their entire business goes down with the compromised data as they lose clients by the truckload. That is why cloud services like drive2go utilize private keys, to ensure that only the user has access to the data for his account. This is not the case in any other cloud file storage services that uses shared keys, which may be encrypted but are still less secure.

Services that facilitate storing and sharing files in the cloud are categorized into three service models: software as a service (SaaS), infrastructure as a service (IaaS) and platform as a Service (PaaS). All three types of cloud providers have made great strides in securing and certifying their data centers with methods such as encryption. But, it should be noted that the process of securing cloud file storage is not all that different than it is to secure a physical server in a on-premise scenario . Both require a strong access control policy, minimal access ports and a rock solid application layer to secure the data stored within.
With so many information security concerns being exposed by the media in recent months, it is completely understandable that individuals and companies are concerned about the security of a data storage method. I contend, as do many data security experts, that storing and sharing files in the cloud is a more secure method than traditional, on-premise storage, especially for the small to medium size business market.

Originally posted on d2business.com – Cloud Computing Security