The use of the cloud in enterprises is already a reality. Most have at least one type of cloud service. Others have moved their entire IT departments to the cloud. However, increased use does not guarantee total shielding from cybercriminal attacks or device breaches. A risk that has increased as the BYOD trend —the use of personal devices for work purposes— is gaining ground in the office.

The problem lies in the moment workers connect their devices to company information: the encryption of documents disappears and they are exposed in the cloud. With 70 million smartphones lost every year, the risk of exposure is the order of the day, and this is one of the main causes of data breaches. In order to avoid these incidents, try to follow these three steps to improve your cloud security:

Encrypt data from files

It is not enough to encrypt the perimeter or to encrypt folders in isolation; it is necessary to encrypt the information at the file level. This option protects the information itself —it does not “wrap” it like other encryption options, which isolate the information—.

In this way, files will remain encrypted wherever they go, before and after being in contact with the cloud, both on mobile phones and on any other device. Only authorised users will be able to retrieve them.

Deploying a CASB security system

This type of security system is specific to the cloud. It is currently used by only 5% of enterprises, but is expected to reach 85% by 2020. It is a unified security solution that allows teams of administrators to detect dangerous data loss, implement protection and execute security protocols all at the same time.

In addition, it also allows administrators to monitor how company files are being shared. The CASB system makes it highly visible where the most sensitive information is located and who has access to it.

Separate encryption content from keys

When the encryption keys are separated from the content, it is almost impossible for a hacker to gain access, so it is important to ensure that the security solution employed by the IT department uses this type of system. This way, even if it is exposed to the cloud, it is unlikely that hackers will be able to access the information.

 

We hope this information has helped you. At Esferize we have a team specialised in Internet security that approaches the problem from various lines of action. If you would like further information on this or any other subject, our team will be happy to help you.

 

Source: ComputerWorld