Although COVID19 has left a grisly trail of economic destruction in its wake, it has also had some unexpected benefits. In particular, it has delivered a lot of insight into the realities of remote working.
COVID19 and the cloud
In many ways, the pandemic has validated the high number of cloud migrations which have been happening over recent years. Companies with a presence in the cloud had a relatively easy path to remote working, at least from a technological perspective.
Companies which were still reliant on local network connections had a major challenge on their hands. Companies which were still working largely on paper had a serious problem.
It was not, however, a complete win for the cloud. The elephant in the room was and remains, data security. This is, currently at least, more an issue with humanity than with the cloud itself. Notwithstanding, however, it will need to be addressed if the cloud is to become the new way of working.
Clouds and data security
A lot of security, both digital and physical, depends on maintaining a strong perimeter. Obviously, there has to be some way of getting through this perimeter, but this way should be closely monitored.
In a networked environment, the monitoring is by way of identity checks such as passwords and two-factor authentication e.g. sending numerical codes to a registered phone number. The problem is that neither of these methods is foolproof.
This is why cybercriminals are increasingly using social-engineering exploits to trick humans into granting them access to a company’s systems. It’s much easier than trying to infiltrate those systems through their technical skills.
Any type of network is potentially vulnerable to attack. Public clouds, however, are particularly vulnerable due to the difficulty of maintaining a high level of data security in an environment where you do not have end-to-end visibility, let alone control. Private clouds should be more secure if they are run properly, but mistakes can be very costly, in every sense of the phrase.
The threat of ransomware just keeps on growing
Out of all the cyber threats in the wild right now, ransomware is probably the one companies fear the most. Not only can they get locked out of their data, but that data can be stolen and sold. This leaves them vulnerable to GDPR penalties and, of course, a lot of angry data subjects. Fortunately, there is a solution.
Encryption plus offline storage plus old-fashioned paper
If you always keep all data encrypted (or at least all sensitive data encrypted), then you never have to worry about data theft. That immediately solves one of the major concerns about the cloud (and networked environments in general).
The way to solve the issue of potentially being locked out of your data is to keep multiple backups. This means a cloud-to-cloud backup, plus an offline digital backup plus paper (at least for your most important documents).
That way, if slow-acting ransomware makes its way from your production systems into your digital backups (online and offline), you’ll still have old-fashioned paper to save the day.
This is a guest post by Joe Muddiman. He is the General Manager at Rads Document Storage, a secure facility based in Nottingham which provides professional document management services.