We’re regularly sent reeling by large scale hacks and virus attacks. That’s why so much attention goes out to cyber security. But let’s be honest: do you always install your updates on time?
Update, update, update!
Those new update pop-up windows are annoying, aren’t they? You’ve just started work and a notification arrives. Please run the update and restart your computer. No time, you’ll do it later. You click it away, irritated.
However innocent this may seem, software that is not up-to-date makes you vulnerable to hacks and viruses. An ignored update on a single computer is enough to make your company a target, especially when it comes to security patches or firewalls. How many computers, laptops and telephones are connected to your server? Are they all fully up-to-date? How on earth can you be sure of that?
Security by design
Fortunately, the answer is simple: work in the cloud. After all, switching to cloud software not only frees you up from hardware maintenance, [link to article about the cloud´s benefits], but also means your software is always fully up-to-date and secure. Without you having to worry about it.
Philip Hebly is an Account Manager at cyber security company Fox-IT. Every day he works with service providers and their customers: “A typical network environment at a company is much easier to hack than that of a cloud software provider. This is because cloud providers take security much more seriously than a normal company ever could. For cloud providers, security isn’t something that they do on the side. It’s already incorporated in the design.”
Of course, security by design doesn’t exempt cloud providers of the responsibility of staying on the ball. Quite the opposite. Intensive testing and monitoring is an important part of the service provision. Hebly notices that this is handled increasingly seriously. Where providers previously tested their own networks, they now prefer to use external specialists. They no longer audit themselves.
Security is scalable
Working with your own servers, you may as well hire an external party to carry out audits or penetration tests. These help you discover where weaknesses lie in your systems, so you can take action. But these are labour intensive, and therefore expensive operations, that must be carried out regularly.
Another reason why (major) cloud providers are so safe is their scalability. Constantly testing, updating and monitoring of systems isn’t cheap, but if you can divide these costs over thousands of customers, the impact on price is considerable.
Attention to maintenance
Should you blindly trust the expertise of cloud providers? Certainly not, says Philip Hebly: “You should realize that legally, you are always personally responsible for your business data, even when you outsource it in the data centre of a cloud provider. That’s why it’s important to ask critical questions about how they organize their security.”
Ask questions like: What happens if something does go wrong? Will it be detected? Can you tell me which data is lost? Will you actually do this? The agreements that you make about these sorts of things can be determined in a data processing agreement, for example. These are becoming more frequent, which is a good sign that security is being taken much more seriously.
Take cyber security seriously
Cyber security remains a complex topic. However, the fact that we’re connecting more systems and devices to one another and the internet means that it’s crucial to pay attention to it. Purchasing your business software as a private cloud service is a step in the right direction.