Lost in the Cloud: Steps to Protect Your Cloud Data

On any given day, most of us rely on the cloud to store, upload, and retrieve various types of data – work files, songs, pictures, videos, apps, etc. It’s a proven, reliable service that we’ve grown accustomed to working with – maybe even taken it for granted.

We’ve discussed the pros (and cons) of cloud computing before – reliability, affordability, and accessibility - but have you ever wondered, even with multiple levels of protections and policies in place, how data goes missing?

Human Error:  One of the most common ways data goes missing - and we see it all the time in data recovery - is human error. In fact, in late 2015, Google’s Compute Engine cloud platform, the component that runs services such as  search, Gmail, and YouTube, experienced a roughly 70 minute outage in Europe, dropping that region’s traffic by 13%. The reason?  An engineering team manually activated a peering advertisement link, side-stepping the automatic validation checks. More recently, web hosting company 123-reg’s UK office ran a script which accidentally deleted 67 virtual servers, bringing down some of their client’s sites.  Whoops!

Data Breaches:  Data breaches are not unique to cloud computing. Cloud providers hold large amounts of data, making them an appealing target.  A 2016 Network World study found that security was the top challenge facing an organization’s ability to implement cloud technology. Providers today encrypt data in-transit and at rest, but not all attacks can be prevented.  In addition, with more organizations adopting BYOD policies, employees now have access to cloud applications wherever they reside, making it difficult for IT departments to control where and how employees connect to those applications.

Server Outages: Cloud availability has improved dramatically over the last several years, but downtime is unavoidable. Last year one of Amazon’s oldest and largest NoSQL databases went down for several hours, impacting AWS customers, in addition other companies like Netflix, IMDb, and Reddit, just to name a few. It’s been reported that outages can cost Amazon more than $1,100 per second.  The data loss situations outlined above are seemingly unavoidable, but what can companies, or individuals, do to better protect themselves from situations that are out of their control?

Authentication:  This may be one of the easiest, and most obvious tasks to complete, but it’s vital.  Make sure you’re protecting your accounts with strong passwords (and you should know this by now, but don’t use the same password across providers).  In addition, some providers offer two-factor authentication.  If it’s offered, take advantage of it. If anyone tries to access your account, you’ll be notified.

Redundancy:  Depending on the value you put on your data, you can either spread it across multiple data centers within a single cloud provider (which some providers do automatically) or even use different providers.   Duplicating – or even triplicating – your data ensures you have at least one option for recoverability in the event of an outage. If it’s mission-critical or sensitive data, you may want to store and manage that locally.  Using a hybrid-cloud can allow a “best of both worlds” approach, by allowing you manage costs by pushing only the necessary data to the cloud, while keeping private data accessible.

In recent years, providers have improved security and availability, but no provider is completely safe from failures or outages.  That’s why it’s imperative to do your due diligence, work with a provider you feel confident in, and take the necessary steps to protect your data in the event of a loss.  The best plan is a plan for the unexpected.