With the revelation that celebrity data was hacked on Apple’s iCloud service; it must appear that cloud storage isn’t looking as safe as it was claimed to be. Insurers don’t need to worry unduly about data in the cloud; the celebrities had failed to follow Apple’s security recommendations and that was let their accounts be hacked. However, it is important to take steps to protect your data in the cloud and there are some simple measures that can help keep it as secure as possible:
1. Keep an Eye on those With Access to the Cloud
If you have people within the organization responsible for administrator rights or those with access to the most valuable Intellectual Property (IP) you have in the cloud; you need to keep an eye on them – it’s easy for people to get careless about security protocols, a gentle reminder every now and again can get them refocused. Ideally, you also want to make sure that they get the best training possible to ensure that they fully understand how to keep your data secure and what the best practices are at any point in time.
2. Restrict Access Based on a Need to Know and The User’s Device
Always give people the minimum amount of access to data necessary; it limits your exposure if a breach occurs on a specific user account. You also want to consider reducing someone’s access based on the device they use to access the network. If they use their desktop PC there’s much less risk of someone else breaching your security precautions than if they are using their smartphone (which is vulnerable to loss and theft).
It’s also important to ensure that device security is managed centrally. Patch updates, etc. need to be managed without user input for greatest efficiency. Regular audits, of smartphone content to eliminate applications which leave your data at risk, are a good idea too.
3. Conduct a Thorough Risk Assessment
Data which, if breached, could leave you particularly vulnerable should have stronger levels of protection and control of access than more general data. The good news is that insurers should be used to assessing risk and determining their priorities; more so than other businesses facing implementing these measures.
4. Use Intelligent Network Protection
The better the analytics packages you use to protect your network; the more secure your cloud stored data will be. Don’t rely on the cloud hosting provider’s protection measures solely. Always, implement your own.
5. Monitor the Cloud
Robust procedures such as user validation and password validation through external devices; also enable you to build an audit trail. If something does go wrong; you need to be able to identify where, when, who, etc. as fast as possible to put it right before any material damage is done to your data or your business.
It’s worth remembering that cloud storage is generally secure. Most cloud data hosts incorporate their own security protocols (including advanced encryption for your data that is designed to render it useless to a hacker in the event of a breach). However, a smart insurer doesn’t rely on the cloud data host alone – they take action to protect their data above and beyond this.