Amidst all the buzz surrounding the cloud, many people still have deep concerns about security. A recent survey, summarized in Searchsecurity.com, found that 72% of federal CISOs stay away from cloud computing because of security concerns.
There are similar concerns with cloud storage and we are the first to admit that there are risks. But these risks can be mitigated, as we have shown with the Nasuni Filer.
In response to these security fears, we just published our list of the top five concerns that come with storing your data in the cloud. These are the five big points that anyone thinking of moving files to the cloud should consider when choosing a vendor.
1. Data Leakage: The cloud is a multi-tenant environment, so there is a risk that sensitive data could leak either accidentally or as the result of an attack. You should assume that this will happen and send only encrypted files to the cloud. Use the strongest encryption possible and encrypt at your site, not through an intermediary. The only person to trust is yourself.
2. Cloud Credentials: Access to a pool of storage is based on credentials, so if you are lumped in with other customers, there is a chance one of those customers could get to your data. If encrypted, they won’t be able to read it, but they could delete it. To prevent this, secure your own credentials in the cloud. Keep your data separate.
3. Snooping: Even if your files are already encrypted, assume the worst and guard against snooping by only sending and retrieving data over a secure line. This prevent someone seeing cloud metadata. Nothing – no filenames, timestamps – should be decipherable on the wire.
4. Key Management: Botched key management could lead to users who don’t activate cryptography, thus compromising security. Encryption should be automatic. There should be no insecure mode. Keys should also be securely escrowed, so that no one can obtain that key to access your files.
5. Performance: Strong security should not slow your system to a halt. Encryption and decryption should happen with little or no impact on the user experience.
There are legitimate concerns about cloud security, but that’s one of the reasons we built this secure gateway to cloud storage, the Nasuni Filer, in the first place.
Find out more by contacting us at info@nasuni.com.