Many companies have begun using the cloud for data archiving to gain scalability and cut costs with regards to their short- and long-term data storage solutions. But, this approach to enterprise information archiving can be a risky move for any company concerned with data security and privacy – especially those governed by strict data compliance regulations. While there are ways you can help mitigate the inherent risks of cloud storage, it is up to you to make sure those proactive, precautionary measures are in place and have a backup plan for protecting your company’s most critical data.
Top 3 pitfalls of using the cloud for enterprise information archiving
- It’s built for sharing, not security – This statement alone should bring up warning bells in the mind of any legal compliance officer. Unlike traditional storage servers that are private and protected by firewalls, data in the cloud is co-mingled and designed to be accessible to anyone from anywhere. A scary prospect for companies that need both security and privacy.
- Data is often transmitted via open text – This is obviously a concern for anyone who worries their data could be hacked during transmission. Without the right protocols in place, your data could be a very easy target for interception.
- Clouds can go ‘poof’ and disappear – The cloud may be marketed as a magically reliable solution for storing and managing your data, but Cloud services can – and have – completely gone down, halting businesses for days or longer. You cannot assume that because your data is in the cloud that it is protected. You must still be reliable for your own business continuity. See The 10 Worst Cloud Outages (and what we can learn from them) for some of the cloud’s less than fine moments.
Can’t resist the Cloud? Here’s how to use it.
If the benefits of using the cloud for enterprise information archiving are worth the risk, here’s what you need to do to protect your data and your company.
- Choose your provider very carefully – When you’re evaluating cloud providers, you need to do your research to fully understand how they’re providing their services (i.e., where your data is actually going?), if they are meeting SLAs, and if they have built in a level of redundancy that is acceptable for your compliance requirements. You can ask potential vendors to show you their software development procedures and policies, security testing policies and their vulnerability disclosure policies to help ensure they have the right security measures in place.
- Make sure your data is securely transferred – To prevent accidental disclosure of protected or private data and meet your regulatory requirements, you must work with your cloud services provider to ensure your content is fully protected during transit.
- Have a backup plan in place – You may not need to duplicate everything, but If you can’t have important data ‘go down’ even for 60 minutes, you must make your own arrangements to back up that important data independently so you have a truly secure enterprise information archiving solution.
Knowing the dangers of using the cloud for enterprise information archiving is half the battle. Using the steps above, you can create a hybrid content archiving solution that utilizes both the cloud and traditional archiving methods so you can help streamline costs while also minimizing your risks.