Cloud Data Security

Whether we realize it or not, most of us use cloud computing services every day. Web mail, Facebook, and Instagram are all popular examples of cloud computing, as are more business-focused services like and Microsoft Office 365.

The concept is simple: you store, access and manipulate your data on a computer (or in a data center) owned managed, maintained and secured by a third-party organization. This lets you focus on doing your job instead of worrying about keeping your systems running smoothly.

It may be cheaper, depending on your network infrastructure costs, since you typically rent access to the systems you need for a monthly or annual fee. It’s more flexible, as you can access more storage or additional services – like compute and hosting – on an ‘as needed’ basis, and most cloud services can be accessed via Web browser (with many providers also offering mobile apps). Finally, it shifts much of your IT costs from capital to operational budgets, providing further flexibility and avoiding hassles like depreciation and dealing with end-of-life hardware.

Public cloud: putting it all out there

Your employees are almost certainly already running ‘public cloud’ services on their phones and computers, whether they be cloud storage services like Dropbox or photo-sharing services like Flickr. These types of services are called Software as a Service (SaaS); other Platform as a Service (PaaS) offerings, from the likes of Amazon Web Services and Microsoft, offer higher-end environments that run your company servers and processes on their systems.

The flexibility of cloud services has changed the computing world – and quickly. The global cloud market is expected to top $1 trillion by 2024, according to recent research. Yet cloud’s ubiquity and ease of use have created problems, as the lines between personal and business are blurred and ‘shadow IT’ – unsanctioned and unmonitored business use of public cloud services by employees – becomes common.

Without oversight, companies have no way of stopping or even knowing if sensitive corporate data gets out of their control. Employees are just trying to do their job better, but that will be little consolation if next year’s budget spreadsheets end up on the Web for competitors to see.

Hybrid cloud: the in-between approach

Many large organizations are deeply committed to cloud computing. However, there are some circumstances in which certain data should be kept in-house – for example, to comply with regulations around privacy, handling of sensitive data, or data sovereignty (where data is governed by the laws of the country or territory it was created in, typically meaning it must be stored within that country or territory).

As a result, few organizations have committed to the cloud 100 percent. Instead, most are pursuing so-called ‘hybrid’ strategies that combine specific cloud services – often business systems such as customer relationship management (CRM) or human resources (HR) – with conventional on-premises systems that are owned and run by in-house technical staff.

This approach complicates things somewhat because it means that businesses must keep track of two different computing environments. Yet new tools are bridging on-premises and off-premises cloud services, making it easy to track and secure data as it moves around the new computing environment. Most companies will use the hybrid cloud model for some time to come.

Private cloud: reinventing the business

While many companies are searching for the best approach to upgrading their applications to take advantage of the cloud, others are using cloud computing’s growth as an opportunity to rework the way they deliver applications to their own employees.

In the ‘private cloud’ model, businesses effectively set up their own cloud computing providers, running cloud services inside their network. These providers run applications on behalf of various business units, with the idea being that it’s cheaper and easier to centralize computing than it is to have each department run its own IT, as in the past.

Building private cloud services require a significant commitment of resources since it often involves upgrading old applications and moving large quantities of data into the new environment. Yet many businesses are also using the private cloud to offer entirely new services to business partners and customers. For example, a bank might run an application for finance brokers on its private cloud, giving them direct access to relevant banking systems.

Private cloud services also let banks connect their applications with those of other software providers using application programming interfaces (APIs) that let third parties easily access cloud services offering specific functions. A simple example might be an API that lets a third party retrieve current currency exchange information for use on their own website.

Less nebulous every day

There’s no doubt about it: cloud computing is here to stay. And while it’s still not perfect – issues such as telecommunications outages, security, and data ownership still worry many would-be adopters—its many benefits have made it essential for every business.

Establishing a clear cloud strategy now will help every business modernize its systems in order to take on nimbler competitors today and stay relevant for evermore cloud-savvy customers in the future.