What cloud providers can and can't do to protect your data

Moving data and apps to the cloud requires a sense of shared responsibility for security. Here's how cloud providers protect your data and what you still must do yourself.

cloud security expert casb binary cloud computing cloud security by metamorworks getty 100803072 or
Metamorworks / Getty Images / Microsoft

We all have at least part of our data in the cloud. Most of us still have servers located locally or perhaps in a local datacenter or in redundant regions throughout the world. Too often the processes that we used when our servers were local are the same processes we use in the cloud, but risks and responsibilities in the cloud are different.

If you’ve ever wondered what a datacenter is like and what protections your vendors perform to ensure that your data is safe, check out this virtual tour of a datacenter. The often-quoted phrase that the cloud is just someone else’s server is partially true, but the reality is that the cloud is more than just a server. It offers physical protection such as access controls and monitoring of who brings what into the datacenter. This level of physical security is often more than we provide for local storage. We can get away with less protection when we are located closer to the data, but our cloud vendors can’t do the same. Multiple customers share the same space and may have different risks and needs.

Local server security vs. datacenter security

My local servers do not have the same levels of backup generators or power grid redundancies that most datacenters consider to be standard. Case in point, the other day the local power company needed to do electrical work on the meter in our area that required us to turn off the power for the day. We turned off all the local computers and servers in the building because our battery backups and power supplies would not last the expected 12-hour down time.

To continue reading this article register now

21 best free security tools to make your job easier