Cloud Storage and Computing Security Concerns for SMBs
By Jason Leung
Cloud storage and cloud computing have taken the world by storm, providing small and midsized businesses (SMBs) with a way to store data and run applications quickly, easily, and most importantly, affordably. Without the burden of implementing a costly and complex IT infrastructure, businesses have realized cost and time savings through cloud technologies – savings that have allowed businesses to focus on their core competencies and sharpen their competitive acumen.
Despite these appealing benefits, however, not everyone is eager to pursue these trends. A recent survey of 210 midmarket companies conducted by SWC Technology Partners indicated that over half (54.2%) of companies surveyed are not pursuing a single cloud computing initiative, and over one fifth (20.9%) of those surveyed indicated that privacy and security were major concerns when considering cloud technologies. Suffice it to say, while there certainly is appeal to cloud computing, barriers remain, especially with regard to security.
Security, certainly, is on everyone’s mind, and seems to be an omnipresent threat. A framework that considers security from two vantage points, or from both sides of an equation – provider and customer – could offer insight and subsequently, solutions, to allay concerns with particular insight for SMBs.
Provider security largely deals with the security of the data in the cloud. Cloud providers have spent the past few years ensuring that this is as secure as they can possibly make it. After all, cloud providers have a vested interest in ensuring that data is safe – without customers, they have no business!
As cloud providers generally run their solutions on centralized server farms, they are able to realize economies of scale to protect the data in the server farms. Pooled resources from multiple customers ensure that customers’ data is safe. High availability, redundant systems, sophisticated intrusion prevention strategies, secure credential storage and hardened authentication systems are typically complex and expensive for SMBs to implement, but straightforward for a cloud provider. Ensuring that vulnerabilities are closed and potential threats are neutralized is the main benefit of the cloud provider for companies of all sizes.
Customer security examines device security and the networks tapped with those devices to download applications or access data. The challenge with customer security is the proliferation of endpoints. A steep increase in scareware and fake antivirus software takes advantage of curiosity and the yearning for security to compromise data whether through a tweet, a purchase, or a song download.
As SMBs consider utilizing cloud offerings and services and reap their streamlining benefits, of course, being mindful that IT infrastructures require considering both provider AND customer security is tantamount.
No matter an organization’s size, cloud security is difficult to manage. For SMBs in particular, security solutions need three specific characteristics to enter into the consideration set. They must be reliable, simple to deploy and, most importantly, they must be affordable. Unlike large companies with commensurately large IT budgets, SMBs don’t have similar resources to spend on IT infrastructures that are not customized for their needs, and are overly complex. Tailoring solutions to meet customer needs, especially those of small and midsized businesses, that consider both provider and customer security are optimal approaches to this difficult security equation.