by Belinda Schuster, CCIM, NWI Commercial Real Estate
This seems to be an overwhelming topic and can be daunting to understand without a computer science professional. I will tackle the topic “the cloud” in a very general sense and at the end of this article a link to the e-book “7 Steps to Holistic Security Strategy” by Microsoft, which includes Questions to ask your cloud provider.
Where is the cloud? When I first heard about the cloud, I had hard time wrapping my mind around the concept of the cloud. It seems a bit mysterious as to what happens to the data on the way to the Cloud. Upon investigation, it is a physical infrastructure where many computers are housed in huge warehouses worldwide. In general the cloud allows us to access our files, documents, and software from anywhere. Software no longer has to be on a single desktop. It my understanding the Cloud is about processing power and storage power and it’s a combination of global infrastructure of servers and data centers.
If your data is “in the cloud”, it is somewhere on a provider such as Google, Amazon, or IBM’s server and sometimes you pay a membership fee to have access to your own data. Understanding the cloud provider’s terms of service is very important. There is the question about who controls that data once it is in the cloud storage. In terms of security and privacy this can be a huge concern when it comes to client’s confidential information. Once data is stored in the cloud do you lose control over it? What happens when you want to delete a file? How can you be sure the company will delete all the files?
There are currently 5 top cloud providers according to Forbes 11/17: (1) Microsoft, (2) Amazon, (3) IBM, (4) Salesforce.com and (5) SAP. Apple uses Google and Amazon as cloud providers, however encrypts data before it passes data along to the service provider. All providers must be in compliance with cyber security standards. It is up to the end users of cloud services to investigate each company and compare features, benefits and security compliance.
Microsoft Azure Information Protection is protecting documents within a company, documents as they exit to mobile devices outside the company and into the cloud. Microsoft is working with DLP (data lost prevention) partners and some industry leaders to create a unified model of allowing users to classify data, label content, protect data, monitor and track it’s use. The goal is to have everyone adhere to labeling and classification models with both service providers and end users sharing responsibility for the security of sensitive data. www.microsoft.com/ems
“7 Steps to holistic security strategy” by Microsoft
Not all data needs protection and letting the person creating the document determine the level of security necessary makes sense. As we all struggle to figure out the best way to protect client sensitive information and privacy, we can protect ourselves by becoming educated about cyber security. E & O insurance companies offer First Party Cyber Liability Coverage and you may want to consider adding this coverage to your current policy.
Belinda Schuster, CCIM License IN #14041809 NWI Commercial Real Estate, 158 S Napoleon, Suite 106, Valparaiso, IN 46383, www.nwicre.com