Every day, more than 2.5 quintillion bytes of data is created; that is enough data to fill up 10 million Blu-ray disks on a daily basis.¹ With the digitization of so much information, the security needs of companies is also changing. While the need for physical security has not diminished, the demands for keeping all of this data secure is of increasing importance.
The growing number of data breaches are a good indication that companies are vulnerable to exposure of private data, despite all of the efforts to keep information secure. While we may never see data breaches completely disappear, there are some best practices that can be employed to improve security and keep private data as it is intended to be - private.
Security expert Bruce Schneier says that “encryption is the most important privacy-preserving technology we have.”² Keeping data safe starts with using encryption across an organization, and is most effective when it is ubiquitous at a company, meaning that email, documents and other data is all encrypted, not just documents deemed “important.” Data encryption is a first step in ensuring that data - even if stolen or intercepted - is more difficult for those with bad intentions to use.
Data stored in the cloud is almost always accessed by remote users logging on to retrieve or upload information. In this environment, it is absolutely essential that companies and individuals use secure passwords. Hackers are able to use so-called brute force tools to repeatedly guess at passwords, and users with common passwords are the most vulnerable. A good, strong password is a front-line defense and helps ensure that data remains secure. Krebs on Security, an authoritative source for information on data security, has compiled some best practices for passwords that users can employ to keep their digital information secure.³
Another best practice that companies can employ is ensuring that all of their software is up to date. Digital criminals often look for exploits in software to access private data. Once these vulnerabilities are discovered, the threat level increases. Software providers generally react quickly by providing software patches; end users should implement these fixes as soon as they become available to prevent hackers from taking advantage of the exploits.
When looking at a cloud services provider, the security measures that the provider offers should be considered. While much of this article has talked about digital data, physical security does play an important role in keeping data safe. Carib Cloud employs a number of physical security measures to ensure that data stored at its facility is only accessible to authorized personnel. This includes the use of multi-factor authentication and biometrics for access control, video surveillance throughout the facility, alarms, and other physical measures that help ensure that data is only accessible by those that need access.
Ensuring that information stays safe and secure seems like common sense, but we read about breaches just about every day. Encryption and passwords are not really new concepts, but employing best practices will help ensure that data is secure.
1 VCloudNews, http://www.vcloudnews.com/every-day-big-data-statistics-2-5-quintillion-bytes-of-data-created-daily/
2 Schneier on Security, https://www.schneier.com/blog/archives/2015/06/why_we_encrypt.html
3 Krebs on Security, http://krebsonsecurity.com/password-dos-and-donts/