3 Steps to Protecting Your Data in the Cloud

November 23, 2016 | Views: 2486

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

There are different types of cloud storage available on the market in different price ranges, but anyway, you need to choose a solution with services that are accessible from any device, with high levels of protection for business and personal data (with strong encryption for data stored and in transit) and reliability. 

We use to think that services as Google Drive or Dropbox offer to their users a good level of data protection, but this is not completely true. If a file is accidentally changed or deleted, this action has an impact on Dropbox, Microsoft OneDrive or any other service used by a user. For this reason, experts recommend considering real backup and archiving solutions which can provide versioning and rollback control options. In practice, if backups tend to be copies of data that change in real time, the stored data are to be considered as paper documents that you could file to keep them in a closet. In other words, experts explain, an archive is a backup that never changes. 

Backup systems, file synchronization services and storage programs overlap in some of their functions. But each of these has a different primary purpose. Choosing an appropriate data protection strategy that includes data stored locally and in the cloud requires planning. It is important to consider using SaaS and IaaS cloud-based as part of the strategy for production systems. When you are evaluating the solution to choose, if you want a product that can provide benefits as services always accessible from any device, the advantage of a high level of protection for data and also hardware and software redundancy, you need to keep in mind three essential aspects:

  1. understand how to use the data
  2. choose solutions that work together for the entire life-cycle
  3. make sure that the data protection systems meet related use cases.

1. Understand how to use the data

This could be something that seems obvious of course, but according to experts, there are many companies which yet do not analyze enough to understand the life-cycle of their data. In the age of Big Data, it no longer makes sense the old approach where data were created and maintained forever. Today, in fact, it is easy to quickly accumulate a large unmanageable data collection, pretty much impossible to sort and categorize. This can also be too burdensome to manage in economic terms as well as practical. Once you create a document or a record is added to a database, you need to understand who has access and where, how often to backup the data and what to do with it when it is no longer necessary. You also need to understand what kind of responsibility you have in relation to such information: some types of data may have geographical restrictions and others may have legal restrictions.

2. Choose solutions that work together for the entire life-cycle

For each type of data present in the environment, experts recommend determining the best type of management solution to protect it. For example, databases, operating systems, and software could be captured best by using a system snapshot. The cloud data may be stored using Amazon EC2 and Amazon RDS, so in the case of an accident, it is possible to quickly restore the system to immediately return to an operating state. For documents, you might find a combination of a file synchronization and a regular backup service that preserves a snapshot of each file at the end of the day (optimal solution to ensure both ease of access and data security). Finally, within the organization, there may be data that must be stored for many years: these require a storage solution.

3. Make sure that the data protection systems meet related use cases

 

One of the most important aspects to consider is the ease of operation, which should be guaranteed to protect business productivity. Before introducing new backup and archiving solutions, we must first talk to users, understand their needs, ask them how to use and access data and what are the situations in which they might need to recover data from backups and archives. For example, stored financial information may have to be accessible within a certain period of time following a request by the Tax Office or there may be a need to access your personal data as a result of an investigation. Once clarified the modalities of access to data and the recovery timing from a backup or archive, you can choose the software and platforms best suited to meet the specific protection needs.

Share with Friends
FacebookTwitterLinkedInEmail
Use Cybytes and
Tip the Author!
Join
Share with Friends
FacebookTwitterLinkedInEmail
Ready to share your knowledge and expertise?
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel