Some managers might wonder how data (usually only a single copy) kept on unencrypted hardware with minimal security measures can be more secure than files stored with reputed cloud providers. And they would be right to doubt the fearmongers. While the current news climate may try to make local storage appear attractive, organizations need to remember that they moved to the cloud precisely because storing information locally faces numerous hazards.
Just one such hazard is the fact that many corporations lack the technical expertise or manpower to secure their infrastructure continuously. Hardware ranging from servers, networking and communication equipment that are on the premises, all the way down to individual laptops and phones issued to employees have to be tracked and monitored to prevent unexpected attacks, hardware failure or theft. The lack of resources is not confined to just small businesses.
A total of 48 laptops have been stolen or reported missing over two years at NASA, and some were taken from locked employee cars (Reported by PCWorld, March 2012). More recently, a laptop filled with sensitive and unencrypted health information of thousands of Canadians was stolen in September 2013 but which came to light only this year (Reported by MSN News, January 2014). If tech-savvy government agencies which are notorious for secrecy have difficulty in securing their devices, how can private companies do better, especially those with little technical understanding of computer security?
For most corporations, keeping valuable files and data in the cloud is far safer than trying to build up their own security infrastructure. With cloud computing, employees can work from any device and sensitive information can be set to be wiped completely after every session. Even in case of theft, data can be wiped immediately from a remote location. Local storage devices such as hard drives are rarely encrypted within business environments. Even with encryption, drives can and will eventually fail. The data has to be duplicated and backed regularly. Rather than trying to setup expensive equipment individually, enterprises can offload those processes to industry experts with mirrored server farms which keep multiple redundant copies of user data.
Common sense might say that the cloud is not safe. But common sense can be wrong. At the very least from a security perspective, the best decision for a company’s data might be to move to the cloud.