PL
DE
UK
Cloud computing, or the popular “cloud,” is a new model of IT service delivery that has changed the previous way of managing data. Data available in the cloud and the ability to collect and process resources from anywhere on earth is a prospect that not only increases competitiveness, flexibility, but also significantly saves the cost of doing business. What about data security?
A 2016 Computerworld report shows that among Polish entrepreneurs, 49% are using cloud solutions ( more than 200 entities from various industries were surveyed). In Western Europe, the level of confidence in cloud computing is much higher, for example, in the UK it reaches almost 90%. Such a percentage of companies use the cloud model in this country.
Cloud data security: how to recognize a good provider?
Along with spending on the development of cloud services, the amount spent on data security is increasing. However, data stored in the cloud is available on many different servers. So how do you find out if they are secure?
1. compliance with the law. Cyber security is a priority topic, as the continuity and development of business, the interests of Customers and the image of the company depend on it. Service provider is bound by the RODO law of May 25, 2018, so already at the stage of design and implementation of services, the issue of protection of Customer data, Customer consents to process data concerning them, is a priority. We write about this in a separate article.
2 Service continuity (SLA – Service Level Agreement). There is a specific time in the contract with the provider, in which the parameters of the service, availability, response time to requests, repair time and the consequences of non-fulfillment by provider are described. It is necessary to pay attention to the provision of cloud availability. The higher the indicator, the better for the customer (the most reliable cloud systems work 99.999% of the time, and this indicates 25 seconds of actual service unavailability per month). Availability at 99.7% is assumed to be acceptable. It is worth reading the size of this parameter and safeguard your own interests.
3 Data Encryption. The confidentiality of the domain and its owner is ensured by the SSL (green padlock) protocol, which authenticates the server, customer data and secures the data sent between the user and server. It is also worth finding out how the data is encrypted (web browser, two-step login, etc.). There are several types of SSL certificates: domain validating (DV – Domain Validation), certifying the authenticity of the domain owner (OV – Organization Validation) and the highest certificate (Extended Validation). An SSL certificate should be present wherever data is processed. The protocol also enhances brand reputation.
4 Deploy proven and efficient devices and network systems, such as firewalls, data packet filters, appropriate authentication systems, etc. It is also important to keep the provider’s antivirus software up-to-date. The level of cloud data security is defined by EU standards: ISO 27018, ISO/IEC 27001 and ANSi/TIA-942.
5. provider’s experience and references. When choosing a provider, it is important to keep in mind how long it has been in the hosting and cloud computing business. Knowledge and experience takes years to build, and the more knowledge you have, the more confident you will be about the security of the service. Testimonials also can tell you a lot about a company.
6 Server Location. Although the customer uses virtual cloud solution, the physical location of files and security of this building is very important. If they are located on another continent, for example, it may work against the speed of the service. Besides, in server room also failures happen, and it is difficult to react when it is located so far away. It is also important that the server room operates in accordance with the provisions of Polish law.
7 Backups. Your cloud computing provider should do backups. It is also a good idea to find out how often prepares data backups and in what mode it is able to restore the system to the state you want.
8. Technical support. In case of cloud problems or concerns, the service provider should offer IT support. In what form is this conducted? By email, by phone, by chat? For what time of day and week?
Cloud computing – the human factor
As for the security of data in cloud services, it is also worth keeping your own actions in mind. Data can be lost or destroyed through conscious or less conscious actions. Much depends on the knowledge of procedures of both the service provider and employees, and whether they follow the company’s arrangements.
ITH Cloud
ITH specialists have been in the telecommunications services industry for 10 years. We offer 99.7% service availability, 24/7 technical support, and our servers are located in Poland. Data is encrypted and compliant with RODO. ITH CLoud service is all types and models of cloud to suit any type of enterprise.