Businesses that run their systems in the cloud experience the ease and flexibility of open, collaborative tools while gaining better protection for their data.
The number of businesses moving to services like Google Apps for Work is increasing every day, each of them taking advantage of the low computing costs that cloud services bring. Productivity increases vastly as your employees are able to access email, hold video calls and collaborate on documents in real-time with colleagues and clients anywhere. The rise of mobile devices also means they are no longer tied to their office computers.
So, you can see the productivity benefits of moving your business to the cloud. But, do you know about the security benefits?
When talking about legacy systems (where your business has a server in the office); there is a saying in the IT world: “There are two types of companies; those who have been hacked and those that don’t know they’ve been hacked.”
This may sound like an exaggeration, but in our experience legacy systems really are a massive security problem for your business.
Moving to the cloud drastically reduces the chances of your business being hacked. You no longer have to maintain and update a server which is time-consuming and costly for starters. With your data in the cloud you get the same level of security that Google, Microsoft and Amazon employ. These businesses have vastly bigger budgets and security teams working around the clock protecting their data centres where your data is being stored.
Your Data in Transit
If your business is going to get hacked, it will most likely happen when your data is in transit. We’ve all experienced fake emails claiming to be from someone you know, promising the world - all you have to do is open the email attachment contained within. But why did you get this email in the first place? You received this message because of a poorly configured email server which has allowed someone to intercept and send a fake email to you - along with a nasty piece of malware.
With the cloud, specifically Google’s Cloud, this spoofing is prevented. Gmail (Google’s email client) gets updated in real time with security patches and anti-malware safeguards getting applied in the background with no downtime or effort from you. Your emails are encrypted and secured with authentication - confirming that they came from you and no one else - so you’ll never be spoofed again. Your email is sent from a Google data centre, through a Google-owned deep sea cables to your recipient, so that the whole journey of your message is secured - making “man in the middle” attacks impossible. Not only that but, Google makes its own unique, physical servers with no public blueprints - so the bad guys have no idea how they work, making hacking tough.
Your Data at Rest
If you are not using a cloud service, when your data is at rest it is stored on the server in your office. Your data may be right at hand, but if the server is stolen or lost in a fire and you have no adequate backups. Your business is in trouble - most don't survive two years after a data breach.
If your system gets hacked, damaged or rendered inaccessible in any way, your data could be permanently lost. Without your data, could your business still serve its customers properly? Could you still meet your regulatory and compliance obligations? Highly unlikely.
Using Google’s cloud services, data at rest is stored in their secure data centre. There you are protected by Google’s enterprise security systems, keeping cybercriminals well away from your data. Google also take care of load balancing and backups, so that your data is always recoverable if there is any localised outage. Replicating data across the cloud in this way significantly reduces the chance of information being lost - even in the unlikely event that one of their data centres is destroyed.
And in the incredibly unlikely event that hackers do manage to breach Google’s defences, they still won’t be able to access your data. Take Google Drive for instance - when you save a document into your cloud storage area, Google splits it into digital pieces and encrypts them. Each piece is then encrypted a second time, before being distributed across the Google cloud. So a cybercriminal would need to be able to capture every single piece of the document, and reverse two layers of encryption before they can read your data - which simply isn’t going to happen. And finally, your data is protected by the trusty security guard just-in-case a hacker tries to use the front door to get to your data.
Actual security vs. Perceived security
We all like to believe that our IT systems are secure - but without testing to confirm, that’s just blind hope. According to Google’s ethos, unless proven otherwise, every system should be considered compromised.
This belief defines the way that Google approach security. They continually test all of their cloud systems to identify and fix security vulnerabilities, further reducing the chance that your data can be accessed by unauthorised parties.
Google’s security is verified - is yours? If not, your security is perceived, not actual.