Focus on data security: whether cloud or on-premise

In 2013, it was estimated over half a billion records of personal information were leaked, including names, emails and credit card numbers. So it is no wonder the conversation with a CxO regarding storage begins with the cloud data security question, “How secure is my data in the cloud?”

LightBridge Cloud Data Security: Data Fend for ItselfI always find this interesting because when the question is reversed regarding the security of their on-premise data, we frequently uncover gaps in their existing strategy.

Let’s walk through the top four areas of concern:

For sake of conversation, we will focus on implementing a cloud data storage strategy for your unreferenced data absorbing more than 70% of your active storage capacity.

  1. Who has access to the data:
    • The LightBridge ARCH archival strategy typically establishes a direct connection with the customer, easily mitigating significant security risk found through providing public Internet access. Data stored on the LightBridge platform cannot be directly stored on a consumer-level application, such as Dropbox.
    • SSL Encryption is required for file upload and download.
    • IP strategies are instrumental in mitigating data access. For each data ping, there is a required handshake between systems ensuring proper credentials exist on both ends.
  2. Who is tracking access to your data:
    • Based upon the client’s requirements, the proper tracking and monitoring strategy will be implemented in the system.
    • Automated notifications can be distributed to the proper parties if unauthorized access is attempted. Priority and method of notification can increase based upon each customer’s predetermined requirements.
  3. What about the physical security of your data:
    • Could one of your technicians walk out with a physical drive going completely unnoticed? How secure are your employee laptops if inadvertently left behind?
    • Security in each of our 5,000+ micro data centers includes 24 / 7 monitoring and managed physical firewalls.
    • Distributing the data across 5,000+ micro data centers builds a generous amount of security inherent within the system. And when the distribution is coupled with file sharding (segmenting a file into multiple parts across the network), fortress-like cloud data security is achieved.
    • While reviewing your physical security, consider your existing archive tapes as well. In 2011, nearly 5 million medical records were compromised when backup tapes including health data were stolen, costing the company $4.9 billion.
  4. Who is monitoring and maintaining security policies:
    • Often the biggest hurdle for a company is determining where exactly the sensitive data resides and ensuring security policies are implemented properly. Can your corporation accurately classify and define the types of data requiring a higher level of security?
      • Many encryption options exist for at rest data on the LightBridge platform, including Advanced Encryption Standard (AES) 256, following the Department of Defense requirements. This encryption logic can be implemented at the individual object level.
      • In addition, there needs to be consideration against security measures and risk associated with the files. Low value data might not need the stringent requirements, often reducing cost of data storage, whether on-premise or in the cloud.
    • Finally, does your corporation have policies and procedures defining how to act on an attempted unauthorized access notification received from a monitoring system?

In today’s business environment, it’s essential we all are talking actively about the security of our data. I recommend not focusing the conversation on the location of your data, such as cloud versus on-premise solutions, but focusing on protecting your data, wherever it may reside.

Ask the right questions of your vendors (and employees) who touch the data, and follow through until you get the right answers.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *