2. Numerous Threats to
Data and Business Continuity
Data Loss : Deletion or corruption of
data that can not be recovered
Exposure : Unauthorized access to
sensitive information
Inaccessibility : Unable to access to
critical data due to outage
Compliance Breach: Failure to comply
with federal or industry data regulations
3. What Are The Experts Saying?
CLOUD SECURITY ALLIANCE
The Top Nine Threats to Cloud Computing
#1 : Data Breaches and Leakage
#2 : Data Loss
THE ABERDEEN GROUP
SaaS Data Loss: The Problem You Didn’t Know You Had
32% of companies have lost data in the cloud
SYMANTEC
Avoiding the Hidden Costs of the Cloud
66% of organizations that lost data were unsuccessful in
recovering information
4. Devastating Effects of Data Loss and Exposure
The impact from lost data or exposure
can cripple an organization:
● Loss of revenue due to missing data
● Cost of data replacement / wasted time
● Tarnished brand / reputation
● Repercussions due to policy breach
5. “My Data is Safe, I’m on Google”
Google Apps is extremely
reliable and provides:
● Physical security around data
● Protection against data loss
related to infrastructure
● Settings to allow users to set
data privacy levels
6. Risk to Data Due to Users Not Google
Research found the following risks:
● Over 60% of data loss in Google Apps is
caused by user action or error
● Almost 40% of organizations have had
sensitive data exposed in the cloud
● 8% have lost data due to malicious means
● 3% have seen data deleted or corrupted
by third-party applications
7. Summary
● Multiple threats exists to cloud data
● Organizations affected are widespread
● It’s not the cloud providers that pose risk
● Most loss is caused by users, authorized
apps or malicious act
● Impact to business can be severe
8. Steps You Can Take to Protect and
Secure your Organization’s Google Apps Data
● Use of cloud data backup and recovery applications
to protect data regardless of the root cause
● Implement your corporate security policies to keep
sensitive data private to only authorized or intended
parties
● Leverage data loss protection applications to limit
exposure of PII and sensitive information
● Choose tools that are proactive, automated and
operate continuously without constant intervention
Notas del editor
There are numerous threats organizations can face when leveraging SaaS / Cloud. They include data loss, exposure of sensitive information, inability to access the application and potential compliance issues depending on the organization.
Experts are now listing Data Exposure and Loss as top threats to organizations utilizing cloud products.
Cloud Security Alliance have these threats as #1 and #2 -- both moving up 5 spots from the year before.
A recent study found almost a third of companies have lost data and what’s even more surprising is that 66% were unsuccessful in recovering information.
Any organization would suffer if it lost critical data that couldn’t be recovered. It’s a major cost : loss of revenue, productivity, time to recreate data.
Projects, information or business initiatives all stored only in Google Apps.
Is there Sensitive data that exist in your users Google Drives? How can you be aware of what information users upload and share.
Even if you’re not governed by any regulations related to your data - Most every organization could be liable for certain data exposures.
Google Apps is extremely reliable. SysCloud runs most of our business on Google Apps. I’m not worried that Google is going to expose or delete my data.
However if you read the terms and conditions of almost any SaaS product you’ll find it considerably limits their exposure and the burden of loss is on the client.
The issue is with authorized users who are operating within the application -- 60% of data loss on Google is cause by user action or error.
Do you know how long you have before a file is permanently delete and unrecoverable? Just a few days.
That means you could have a file deleted on Friday and it’s gone forever on Monday
Since there’s only one owner many critical files are depended on a single individual for safeguarding.
What about the time a data exposure could cause harm to your organization? Immediate!
IMAGE: Person / Human
Threats to data can come from anywhere -- it’s not the cloud providers but most likely within the organization that poses the biggest risk and the impact can be huge.
Most threats can be mitigated or eliminated through:
#1 Best practices implemented for passwords or SSO
#2 Proper training for users on sharing data and permissions
#3 Automated Backups
#4 Security & Compliance Tools
#5 Locking down permissions and limiting 3rd applications