5 Critical Steps for Cloud Data Protection

1. Use Two-Factor Authentication:

A Two-Factor (2FA) solution uses App or SMS verification to prevent malicious access. With 2FA enabled, you’ll have to use an application or input a code sent via SMS to gain access to a secure system. 2FA protects against malicious access, even if your login credentials fall into the wrong hands.

Two-Factor also protects your business from insider threats. Threats such as careless employees choosing to ignore company policy and use a weak password because it’s easier to remember. However, these easy to remember passwords are also easy to guess and easy to crack with brute force attacks. Did you know that a shocking 25% of respondents in a survey by Troy Hunt use a word that can be found in the Oxford dictionary, such as ‘password’.

2. Strong Passwords are Critical:

Compromised passwords were the common denominator in the biggest 2017 breaches, including Yahoo!’s 3 billion customers, Equifax, Uber, and more. Users can compromise passwords just by sharing them with colleagues. Users can even leak passwords by using the same one to access work and non-work-related systems, such as Facebook or a website. Therefore, your organisation needs a strong password policy.

Strong passwords contain at least 10 characters, are not words that can be found in the dictionary (see why above) and include a number and a special character. For added measure, use a mixture of capital and lowercase letters.

Read “5 Ways to Create Strong Passwords You’ll Never Forget” to create the building blocks of a strong password policy.

 

3. Create a Disaster Recovery plan

It’s easy to forget that an off-site back-up alone doesn’t cover you if a server fails. Create an achievable Disaster Recovery (DR) plan that focusses on bringing up mission-critical servers in a realistic time frame. Consider using a Disaster Recovery-as-a-Service (DRaaS) solution that allows you to replicate VMs and spin them up in the Cloud in minutes to avoid prolonged downtime.

Something important to note about DRaaS is that not all solutions are the same. The difference lies in the degree of self-management required to maintain them. Whether that’s configuring the solution, initiating recoveries or performing failover tests. Managed DRaaS solutions take away the majority of these requirements and will in most cases regularly test failovers – complete with results. This ensures the solution is fully operational and delivers value for your business.

4. Configure Secure Backups

Industry analysts such as Gartner, Forrester and Aberdeen are constantly highlighting the rising costs of downtime on today’s increasingly data-dependent businesses. The cost of downtime can be calculated in various ways, but in most cases, it can cost a small organisation thousands of pounds for every hour of downtime. This can rise to tens of thousands of pounds for mid-size organisations.

Therefore, nightly backups are not sufficient enough to protect your business. Make sure to backup at regular intervals that are tolerable for your business. Whether that’s by the second, minute or hour.

Also, adhere to the 3-2-1 rule. Keep 3 copies, in two different formats and at least 1 offsite. Make sure nobody can access these backups and that they are encrypted.

5. Data Encryption at Rest

Most Cloud solutions offer encryption during transit but, encrypting data at rest is just as important when protecting your data in the cloud. The best practice is to utilise a blanket approach and encrypt all data and devices at all times. As a minimum, your organisation should be using SHA128 encryption, but we highly recommend configuring SHA256 encryption for added protection and future interoperability.

Conclusion

There are just a few of the advantages of storing data in the cloud and there are many more steps you will need to take in making sure your cloud data is protected. And no single step will guarantee security. However, by following the industry best practices in this guide, you can help protect your business from the growing threat of a data breach.

If you want to know more about cloud data protection, get in touch with us and one of our technical specialists will be happy to help.