IT Security Tip #55: 3 rules to keeping your data safe in the cloud
If you’re using any kind of cloud application (and these days, who isn’t?), you are right to be concerned about data privacy and security. The company hosting your data is ultimately responsible for keeping hackers out of THEIR network, but most cloud breaches are due to USER ERROR. So it’s important that you, the user, are being smart about security. Here are a few things you can easily do to improve security in the cloud:
1. Maintain a STRONG password of at least eight characters with both uppercase and lowercase letters, numbers and symbols. Do NOT make it easy, such as “Password123!” While that technically meets the requirements, a hacker could easily crack that.
2. Make sure the device you’re using to access the application is secure. This is an area where you need professional help in installing and maintaining a strong firewall, antivirus and spam-filtering software. Don’t access your cloud application with a device you also use to check social media sites and free e-mail accounts like Hotmail.
3. “Reverse”-backup your data. If the data in a cloud application is important, make sure you’re downloading it from the application and backing it up in another safe and secure location. That way, if your account is hacked or the data is corrupted, you have a copy.
IT Security Tip #56: The #1 threat to your security is…
YOU! And your employees. Like it or not, human beings are our own worst enemies online, inviting hackers, viruses, data breaches, data loss, etc., through the seemingly innocent actions taken every day online. In most cases, this is done without malicious intent – but if you as a manager or owner aren’t monitoring what websites your employees are visiting, what files they’re sending and receiving, and even what they’re posting in company e-mail, you could be opening yourself up to a world of hurt.
That’s because employees’ actions can subject the company they work for to monetary loss, civil lawsuits, data theft and even criminal charges if they involve disclosure of confidential company information, transmission of pornography or exposure to malicious code.
One thing you can (and should) do is configure your firewall to document and monitor which websites users are visiting. Almost all enterprise-level firewalls have this ability built in; you simply need to configure it and monitor the reports (something we can certainly help you with). But it’s up to you to set the rules, write it into an Acceptable Use Policy (AUP), TRAIN employees on what is and isn’t acceptable and then get them to sign the AUP.