Sec/GRC Part 2
- The 7 Sins of Cloud Platforms
Post date: July 31, 2019
Cloud Operations Series
Security/GRC Part 2
This is a 6-minute read and Part 2 of a 3-part series focused on security and public cloud services. If you are just getting started in cloud, we recommend Part 1. For cost savings, better features, and higher flexibility, consider new technologies like Ankr when preparing to purchase.
Our next post for the cloud ops topic will be focusing on cloud security sins. With so many hacking issues and breaches occurring the world over, this is an important topic and one that affects every business type and size. Every company using cloud, whether they are large, medium, or small, has customers. It’s vital to protect your customers’ data and their privacy. Additionally, your own data, proprietary information, and trade secrets are at risk if your cloud security is lacking or not as robust as it could be. It’s important to consider security a priority that is on par with cost concerns. Your information, and that of your customers, is highly important, thus, your cloud service provider needs to take security very seriously. Alternatively, switching to a newer cloud offering, such as Ankr’s Cloud Platform, with multiple security mechanisms in place, could be the answer to many data security woes.
Here are the top seven sins for cloud security:
Cloud Security Sin Number One - Regulatory Mandates
Many companies have concerns about regulatory security mandates that are their responsibility. Companies in specific industries such as insurance and financial must ensure that they are in compliance in the event of an audit. Since security in cloud is a “shared” responsibility, customers concerned about regulatory security compliance must ensure that they have security tools available for this specific situation, or that they have a sensitive data secured on a private cloud rather than a shared cloud. Violations of these mandates can cost companies their reputations, can incur investigations, can lead to fines, and if a breach occurs can even lead to criminal investigations and charges.
Cloud Security Sin Number Two - Customer Data Privacy
Customers want to ensure that companies are keeping their data secure. With a surge in hacks and data theft, it is becoming ever more important for big cloud companies to provide robust data security. With shared cloud services, the risk of a data breach becomes much higher. With multiple companies sharing storage it then becomes difficult to tell where the breach was made and how much data could have been leaked or stolen.
Cloud Security Sin Number Three - Breach Liability
When a breach does occur, often liability becomes the main concern. Since security is a shared responsibility, often this means that the liability is also shared between the cloud provider and the cloud client. A simple example is you pay your cloud service $1000 a month, and if they go down, the SLA may reimburse that $1000. But if the downtime resulted in you losing 10 customers worth $100,000 or a $1,000,000, then how will you be compensated? Ask the cloud provider(s) you are evaluating about cyber insurance.
Cloud Security Sin Number Four - Insider Hacking
Hacking from the inside has grown more in recent years. A big concern is employee breaches from cloud service providers who poke around in customer data. Many issues have been uncovered in regard to access and over access to systems by unvetted employees. This data is often sold to competitors for a profit. It’s important to ask about what safeguards are in place to thwart or deter insider hacking.
Cloud Security Sin Number Five - Data Breaches
Actual data breaches occur at an alarming rate. These can be aimed at stealing data personal to the company, or to the company’s customers, clients and partners. Sometimes breaches are small and are caught before major damage is done, other times the damage is huge, and major amounts of personal information is lost, damaged, deleted or corrupted. If backup is insufficient, that data might never be recovered. If data is stolen, it is often sold online to a variety of bad actors.
Cloud Security Sin Number Six - Malware and Virus Attacks
Malware and viruses can be injected into the cloud and can spread from one space to another. This is particularly prevalent on shared systems. Some malware simply hides and collects data as it is uploaded. Other malware causes damage to data that is unfixable. If big cloud providers don’t offer robust malware and virus protection it is on you to make sure you have some type of protection in place, which can be costly and time consuming.
Cloud Security Sin Number Seven - Disaster Data Loss
Disaster in the form of fire, flood, wind, and ice can cause significant damage to servers or take them out completely. Most cloud providers have back ups in the event that a natural disaster takes out some or all servers in one location. Having your data backed up and having AI tools available to move data in the event of a disaster is vitally important.
A New Public Cloud Model | Ankr Cloud Marketplace
Ankr’s marketplace model supplies excess data center, mainframe, and device space to renters who need it on an on-demand, reserved, or spot basis. Everyone benefits from this model: Organizations and individuals who need compute are able to access it in more flexible formats. Organizations of all sizes with any significant excess capacity in small and medium data centers, server rooms, and mainframes located almost anywhere in the world are now able to recoup some costs. By renting out their excess compute capacity to Ankr and its customers, they can generate revenue that helps them offset sunk costs and boost equipment utilization rates. Surplus space is sold to customers who need services at rates often significantly lower than most big cloud offerings.
With their sharing model, Ankr’s monthly plans are lower than many big cloud plans. They are a notable significant 20 to 30 percent cheaper than up-and-comer and similar provider Digital Ocean, and a very significant 50 to 75 percent cheaper than AWS, Azure, and Google Cloud Platform’s current on-demand monthly plan rates. The available options and prices offer important savings and increased flexibility to customers.
Ankr Platform has many security mechanisms built into the design, including the ability to adjust to daily usage. Ankr’s technology is also faster, more secure, able to scale, and expandable; most importantly, it’s very easy to use and costs less. If high security is your concern, Ankr is the cloud technology to adopt now.
Big cloud is at constant risk for various types of internal or external threats. Data loss due to malicious activity, natural disaster, and/or human error are also ongoing concerns.
Despite carrying shared responsibilities - re security and governance - between you and your cloud service provider, you still stand to lose access (and potentially control) over your own data and worst case the data itself. Redundancy via backups, maintaining an assertive security posture ongoing, and active management of your operational processes around your cloud all help mitigate and minimize risk of data theft and/or loss.
We invite you to learn more about Ankr.
Try Now: app.ankr.com