Connect with us

Business

Why are SMBS still suspicious about cloud storage security?

SMBs find it hard to trust a third party with their data because of the lack of visibility and control.

cloudmonter

It is now well known that the cloud brings businesses many benefits in terms of productivity and flexibility which is why its use among businesses in on the increase. But with these benefits come some fears. More than 60% of SMBs are concerned about their data being unsafe in the cloud, but why? And how can they overcome those fears?

Why are SMBs worried about cloud storage?

SMBs find it hard to trust a third party with their data because of the lack of visibility and control.

The first fear is unauthorized access. Actually, it is much harder to detect when data is stored in the cloud. When data is stored on-premise, the fact that you need to be physically present in the office to access these files is a natural boundary against unauthorized access from outside the organization. Plus, even with remote employees using VPNs, access can be restricted to specific devices only. With cloud-based storage, data can be accessed on any device and from anywhere in the world.

The second fear concerns data theft from leaving employees.  When data is stored in the cloud, it is much harder to stop or prevent. For the exact same reason, it is easier to spot an employee stealing data when it’s stored on the physical desktop computer. With cloud storage, it becomes extremely easy for leaving employees to steal files before they go.

The third fear comes from a complex hybrid storage environment. Businesses use a mixture of on-premise and cloud storage because it increases productivity. However, it also makes managing the security of the data stored across multiple environments very difficult.

56% of SMBs say that it’s difficult managing the security of data living in hybrid infrastructures.

These fears are driving bad security decisions

Most SMBs believe that cloud storage is not secure, but what are they doing about it? Well, not much apparently.

80% are simply relying on the native security of the cloud provider to monitor access. Of those, only 42% monitor access manually every day, which is incredibly time-consuming and complex, and it’s subject to human error.

38% monitor access on an ad hoc basis. It is less time-consuming but you can miss an attack or find out about it too late.

More disturbing, 9% don’t monitor access at all. It makes the identification of the source of a breach incredibly difficult when it inevitably happens.

21% keep their most sensitive data stored on on-premises infrastructure.

This decision to neglect cloud security means that data stored in the cloud is considered ‘not sensitive’ and at high risk. For example, only 53% said their clients’ data was sensitive!

What can SMBs do about it?

There is a more effective way to ensure that your data is protected whether it’s in the cloud or on a mixture of on-premise and cloud. You need to invest in technology that proactively tracks, audits and reports on all access to files and folders and alerts you in real-time to suspicious file activity.

67% of SMBs say that receiving alerts for unauthorized or suspicious access to sensitive data stored in the cloud would be extremely useful.

What you need is a solution that shows a consistent view of the security of your data across all your storage servers — whether on-premises or on a third-party cloud system. With that in place, you are sure that if someone other than an authorized employee tries to access your data, you’ll be the first to know and therefore you’ll be able to react instantly.

Editor’s Note: François Amigorena is the founder and CEO of IS Decisions, and an expert commentator on cybersecurity issues. IS Decisions software makes it easy to protect against unauthorized access to networks and the sensitive files within.

Its customers include the FBI, the US Air Force, the United Nations and Barclays — each of which rely on IS Decisions to prevent security breaches; ensure compliance with major regulations; such as SOX and FISMA; quickly respond to IT emergencies; and save time and money for the IT department.

Have any thoughts on this? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

Comments

More in Business