Whether it's data loss, a lack of privacy or cyber attacks, storage administrators must consider cloud data storage risks carefully before a migration.
Admins should regularly review these risks during and after a cloud storage installation. Data confidentiality, integrity and availability are critical.
Unauthorized access to data
Access to cloud-based data and systems usually involves an internet connection. Only approved and verified users should have access to data.
Role-based access, decided by the user's position and activity, helps prevent unauthorized access. Authentication, ideally with at least two factors for granting access, protects the data from potential breaches. Encryption of access-related activities also protects data.
When users host data and systems in a cloud service, they are still responsible for data protection, which may restrict user control of the data. Generate additional copies of critical data, and store them in another storage platform, ideally in a different data center.
A hybrid arrangement is also an option. Users store critical data locally, such as in a NAS appliance, and in a cloud repository. This enables users to access critical data locally off the NAS appliance and to host backups of that data in the cloud.
Carefully review cloud service providers' service-level agreements. Understand their rules for who is responsible for data protection.
Implement a data protection policy to minimize cloud data storage risks. This document establishes guidelines for how users create, store, access, change and delete data.
Data protection is also an important regulatory requirement, as specified in the EU's GDPR. Any organization that accesses data generated by an EU member nation must comply with GDPR.
Security in the cloud
While cloud storage security has improved in recent years, it's still important to encrypt data at rest and in transit.
Establish an air gap to further protect data. Some cloud vendors offer an air gap, while tape storage is another common option.
Loss of data privacy
Unauthorized access is one of the top cloud data storage risks. It can mean a loss of privacy, especially for personally identifiable information and personal health information.
HIPAA regulations, for example, have specific requirements in Part 164 of the Code of Federal Regulations to ensure that admins establish and maintain data privacy.
Cyber attacks and breaches
As the frequency and severity of cyber attacks -- such as phishing and ransomware -- increase, users who store data in a cloud service must ensure the same cybersecurity protection as they would for on-site storage.
Look for products that offer the most direct user control.
Examples of cloud security products include the following:
- Check Point CloudGuard. Supports multi-cloud environments, as well as most major cloud platforms.
- CloudPassage Halo. Uses IaaS to support cloud servers and containers.
- Symantec Cloud Workload Protection. Supports all major cloud platforms and provides resource scalability to support changing user needs.
Dig Deeper on Cloud storage
Related Q&A from Paul Kirvan
To migrate backup data from the cloud back to an on-premises environment, you should follow these steps to ensure your data will be safe and smoothly... Continue Reading
With security top of mind across IT, consider best practices for safe Google Cloud Storage access. Admins should be careful about assigning roles and... Continue Reading
Business continuity and resilience go hand in hand and play a role in an organization's disaster recovery plan. Essentially, business continuity is ... Continue Reading