Oh, Sh*t! You Seriously Mean to Tell Me That I Could Lose All of My Cloud Data?

by | May 17, 2021 | Security, Services

losing data in the cloud

Most of us would probably agree that the cloud has turned out to be a boon for business computing. But, have we grown too confident in “the cloud” and now putting too much faith in the cloud systems we are using? Do you assume that your data is secure and that data can never be lost because it is “backed up”? That trust may be ill-place and business owners need to press their cloud provider for details. 

Let me share a little cloud story that should scare you. 

Recently, a client emailed us asking, “Is there a way to do regular backups of our cloud-based ERP data so we can access and use the information if the cloud provider ever had problems?” We responded, “No not really.” and inquired, “Why do you ask?”  

Sadly, the client’s ERP had just stopped working one day and the cloud provider was silent about the outage’s cause. After several days of outage (Can you imagine having your core business system DOWN for DAYS?!), the provider let its customers know that it had been hit by ransomware! The attack took down their cloud platform, and there would be data loss for all of their customers.   

Clearly, the cloud provider’s backup and security were not up to par and their customers are paying the price. I suspect the cloud provider was NOT NIST compliant as we recommend all our clients be.

You may be thinking that you don’t use an ERP system so no big deal. Maybe, but there is a high probability that you are using a cloud-based Microsoft product like Office 365. Yes, Office 365 is backed up, but is your “data” secure just because it’s in the cloud? Not by a long shot because the data is only as secure as your passwords. Users are notorious for selecting, sharing, and repurposing company emails and passwords. If you rely only on passwords, your cloud data and systems are NOT very secure at all. If a hacker gets access to a user account, they can potentially gain administrator access and control your systems and data with ransomware, which brings us back to our story about backups. 

The moral of the story is to ask your cloud vendor questions about their security and backups before something bad happens. If you mistakenly delete an email or a file in your cloud applications, you can recover it easily enough. Luckily, you can protect your account with Multi-factor Authentication and for Office 365, add thankfully there are several 3rd-party backup providers for redundancy. With backups, you can quickly recover mass amounts of data and be back in business almost immediately.  

But, if all of your data gets encrypted by ransomware, you are in for a world of pain. There is no easy way to recover ransomware data outside of paying the ransom and that’s a

SCARY proposition. 

WHAT QUESTIONS SHOULD BUSINESS OWNERS ASK CLOUD PROVIDERS IN ORDER TO CREDIBLY TRUST THEM?

  •  Ask them for documentation about their security and backup procedures. All cloud providers should have something readily available to give to their customers.
  • Ask them point blank, “Can I backup my data on my own as a redundancy if there is ever an outage on the vendors end?”
  • Have they ever had a security incident that took down their platform or had any data loss? Ask for details about what happened, how they recovered, and what they learned.
  • What are their protections from a ransomware outbreak?  

The more you know the better you can prepare. Dig Deeper!

 

John Ahlberg, CEO, Waident Technology Solutions

John Ahlberg
CEO, Waident

CIO in the corporate world and now for Waident clients. John injects order and technology into business process to keep employees productive, enterprises running, and data safe.

Related posts

Choosing an MSP: No. 2. Strategic Alignment and POV on IT

Choosing an MSP: No. 2. Strategic Alignment and POV on IT

Does the MSP share our vision for IT and its purpose? Financial viability is critical for an MSP. Prudent financial management ensures that the proper investments are being made in the business and that the MSP can survive the booms and busts of technology trends....

IT Support is NOT IT Security

IT Support is NOT IT Security

I hear all too often from business leaders who think their IT Support team and their Security team are synonymous. They just assume that Support addresses all of their security needs by default. After all, the IT Support gang has been managing the anti-virus software...

Choosing the Right MSP for Your Business

Choosing the Right MSP for Your Business

There are probably as many “How to Choose a Managed Service Provider” guides online as there are MSPs. Do you really desire to consume another piece of self-promotional “content”? I’m going to assume that the answer is “No.” Well, my goal is to NOT add to all that...

Share This