How I Learned to Stop Worrying and Love Cloud-Based Products

At this point I think it’s safe to say everything is cloud-based. From cloud cars to Everything as a Service, the cloud has invaded more than just our email addresses. As a result, more and more organizations are moving all of their data into the cloud, including their more sensitive data.

cloud based SaaS security news

Recent Cloud Growth

According to a recent study from Ponemon Institute and Thales e-Security, a third of businesses admitted their data is completely unprotected in cloud-based systems. This development should be alarming to anyone paying attention to security news. Edward Snowden blew the whistle on the NSA’s massive surveillance program over a year ago, exposing the stark truth that the United States government is snooping on its citizens for controversial reasons. Snowden’s massive information dump to news organizations continues to leak out and scare the hell out of people every few weeks.

Recently the internet’s had the epidemic scare of Heartbleed, a massive bug in the basic encryption safeguarding bank and personal websites. The Heartbleed bug has been patched, but most of the old, compromised keys went right back into use, according to the latest security news.

So with keys compromised and the United States government potentially spying on everything we do, why would we store our private information on a cloud-based platform? The answer is quite simple, if you’re willing to do the work.

Basic Security: There are many arguments from crypto alarmists that since no one truly knows where their information is being stored, cloud-based platforms are completely unsafe. In truth, the cloud is no more or less safe than the average personal computer hooked up to the internet. Yes, cloud systems can be hacked. So can unprotected personal servers. In my opinion, SaaS based programs are no more dangerous or vulnerable than legacy software systems.

Encryption: In the wake of Edward Snowden, encryption has become a hot-button issue. From NSA-proof phones to SaaS encryption platforms like Vaultive, everyone wants to lock up their information. That’s a good thing. Even basic, free encryption offers vastly more security than an unprotected system. That doesn’t mean you shouldn’t shop around, though. While Google Apps are offering Zix encryption, that doesn’t mean every cloud-based email is protected. Do your homework.

Personal Vigilance: Perhaps the most important form of security. Whether cloud-based or not, most people use the same simple passwords and do not change them. Most people leave their personal devices laying around unlocked. Keeping an eye on your credit score and using tough passwords goes a long way, even in our cloudy, stormy present.

Have you migrated your information to a cloud base platform, or are you still too leery? Tell us your thoughts in the comments section below!

5 Steps to Social Media Security

It’s an interesting time to be working online. The NSA has been caught doing some pretty serious stuff. Not only is the American government apparently spying on potential terrorist threats, they also wire tapping the phones of allies. All this Snowden-led scandal has resulted in the European Union threatening non-compliance with US-led terrorism monitoring. Needless to say, everyone is feeling a bit stressed.

How does this apply to me? Amid all this espionage gossip, US civilians have been alerted to the world of encryption, spying and cyber security. And perhaps you’ve decided to lock your phone more—or tread more carefully on Twitter automation. But despite a little bit of paranoia, how does this affect you as a social media guru?

Social Media means information. Stop for a moment and consider your brand. Get a piece of paper (or open a Word document—I’m old-school), and write down all the information at your fingertips right now. At the very least, you have social media documents, passwords and insider marketing info. You might have access to more sensitive things like IT data, brand costs and personal customer information. Anyone with your knowledge could—at the very least—use your accounts for some serious spamming. They might even be able to seriously impair your brand with hacked confidential information. Worried yet?

What can you do? The good news is that you can protect yourself fairly well with a few simple steps. There are no guarantees you won’t get hacked at some point, but you can at least minimize the damage with these suggestions:

  • Explain security procedures. The best defense is an early defense. Make sure your clients understand your security policies, and why you do what you do. Explain the importance of keeping their information protected—and the methods in place if social media becomes compromised. Also make sure that new employees understand your company’s security policies early on. Provide written material or create a class, if possible.
  • Secure sensitive information. Where are your written notes? Do they contain passwords and other important information? If so, they need to be secured, especially when you are away from your work area or not in the office. If a large number of people are moving in and out of your building on a regular basis, you might want to consider putting that information into a lockable desk or filing cabinet. Or you could migrate all your paper material onto a more secure, password-protected computer.
  • Passwords should be original. Don’t use password1, or the name of the company. You will get hacked. Consider using a personal, unorthodox word—or even a made-up word. You’ll also want to use numbers in your passwords, if not special characters (exclamation and question marks are very popular). This is one of those pearls of information you’re going to need to explain to clients.
  • If you get hacked, move quickly. Most of the time your account will be hacked for the purposes of spamming. If this is the case, make sure you change your password, delete spam and apologize on your social media platform. The faster you can accomplish these three tasks, the more damage you’ll be able to avoid. Make sure your apology is sincere as well. If it seems like you were hacked for another reason, it’s time to inform your IT guy.
  • Consider encryption. Again, if you have access to IT information or a brand’s insider data, you’ll want to consider taking security to another level. There are a variety of free and paid encryption programs. Speak with your client about their specific needs. Also, understand that your data is no longer just stored on your computer. Look into the security of your phone, and your cloud if you use such storage methods.

So should you be scared? If you’re not taking any steps towards security for your brands, you should probably be nervous right now. But if you take some simple security steps, you will be doing better than most security firms.