Partner Article

Are Your Employees Putting Cloud Safety At Risk?

The cloud is a network of servers, some of which use computing power to run applications and some of which are responsible for storing data. This type of internet-based computing provides shared computer processing resources to both computers and other devices.

The cloud has become an increasingly popular platform for storing and sharing data, allowing users ease of access to their documents and encouraging collaborative work. We’ve got used to utilising the cloud in our everyday lives and this has merged with our work life, too. The cloud just seems too useful a tool to avoid, which is why many employees have come to depend on cloud services both within and outside of the office.

The problem with this is that many companies don’t have official policies in place regarding the use of cloud based services, and employees often aren’t aware of the risks that the cloud poses to company data.

Syntax IT Support London give examples of risky employee behaviours which could be putting cloud safety at risk, and which are more common than you might think.

1) Use of risky cloud services

Without being encouraged to use an authorised and approved cloud solution, employees will choose services that are easily accessible to them. This means that many turn to free vendors and set up accounts which might not be secure. Some free cloud services are safer than others, but possible security issues include no encryption of data, or having terms of use in which the service assumes ownership of all content uploaded. This puts any uploaded company data at risk of being accessed by unauthorised users.

2) Use of personal devices to access company cloud apps

Employees increasingly rely on one personal device for home and work use and may access corporate data remotely via the cloud on their smartphone. These devices are likely to be non-secured, lacking the malware protection and updates necessary to keep data protected.

Personal devices are also at risk of being lost or stolen and any sensitive data stored on them can be extracted and potentially fall into the wrong hands. Users often stay logged in on cloud based services, which could also expose a business’s sensitive data.

3) Falling prey to phishing

Many companies have had employee credentials for cloud services compromised as a result of weak passwords, spear phishing attacks or malware. If employees have access to data that they don’t individually need to have access to, that data is at a higher risk. Without sufficient training, employees may become victims of phishing by clicking on links sent within malicious emails. All data that they have access to can then be extracted and misused.

4) Uploading sensitive data into the cloud

Documents uploaded to cloud-based file sharing services may include financial records, business plans, customer information or source code. Often, employees aren’t even aware of the sensitive nature of the documents they are uploading and this online file storage can expose data which should be protected. It can also result in the company no longer complying with industry regulations.

5) Using cloud services irresponsibly

Some services do have security procedures that can minimise risk, but employees may not be aware of these features or know how to use them. A link to the cloud storage service may be accessible without a username and password, depending on whether the uploader has checked a box.

Dropbox, for example, allows you to send a link to secure files and gives the option to select whether anyone can open the file, or only the people to whom it was directly emailed. If data must be shared via the cloud, having knowledge of these options can make a big difference and makes data much more secure.

The cloud is an immensely useful tool and it is no surprise that employees are keen to put it to use while at work. However, as these commonly made mistakes make clear, businesses must create official policies concerning the usage of cloud-based services to minimise risk. It is also important to educate employees on how to use these services securely to protect both staff and corporate data.

This was posted in Bdaily's Members' News section by Mark Jordge .