Oh, Sh*t! You Seriously Mean to Tell Me That I Could Lose All of My Cloud Data?

by | May 17, 2021 | Security, Services

losing data in the cloud

Most of us would probably agree that the cloud has turned out to be a boon for business computing. But, have we grown too confident in “the cloud” and now putting too much faith in the cloud systems we are using? Do you assume that your data is secure and that data can never be lost because it is “backed up”? That trust may be ill-place and business owners need to press their cloud provider for details. 

Let me share a little cloud story that should scare you. 

Recently, a client emailed us asking, “Is there a way to do regular backups of our cloud-based ERP data so we can access and use the information if the cloud provider ever had problems?” We responded, “No not really.” and inquired, “Why do you ask?”  

Sadly, the client’s ERP had just stopped working one day and the cloud provider was silent about the outage’s cause. After several days of outage (Can you imagine having your core business system DOWN for DAYS?!), the provider let its customers know that it had been hit by ransomware! The attack took down their cloud platform, and there would be data loss for all of their customers.   

Clearly, the cloud provider’s backup and security were not up to par and their customers are paying the price. I suspect the cloud provider was NOT NIST compliant as we recommend all our clients be.

You may be thinking that you don’t use an ERP system so no big deal. Maybe, but there is a high probability that you are using a cloud-based Microsoft product like Office 365. Yes, Office 365 is backed up, but is your “data” secure just because it’s in the cloud? Not by a long shot because the data is only as secure as your passwords. Users are notorious for selecting, sharing, and repurposing company emails and passwords. If you rely only on passwords, your cloud data and systems are NOT very secure at all. If a hacker gets access to a user account, they can potentially gain administrator access and control your systems and data with ransomware, which brings us back to our story about backups. 

The moral of the story is to ask your cloud vendor questions about their security and backups before something bad happens. If you mistakenly delete an email or a file in your cloud applications, you can recover it easily enough. Luckily, you can protect your account with Multi-factor Authentication and for Office 365, add thankfully there are several 3rd-party backup providers for redundancy. With backups, you can quickly recover mass amounts of data and be back in business almost immediately.  

But, if all of your data gets encrypted by ransomware, you are in for a world of pain. There is no easy way to recover ransomware data outside of paying the ransom and that’s a

SCARY proposition. 

WHAT QUESTIONS SHOULD BUSINESS OWNERS ASK CLOUD PROVIDERS IN ORDER TO CREDIBLY TRUST THEM?

  •  Ask them for documentation about their security and backup procedures. All cloud providers should have something readily available to give to their customers.
  • Ask them point blank, “Can I backup my data on my own as a redundancy if there is ever an outage on the vendors end?”
  • Have they ever had a security incident that took down their platform or had any data loss? Ask for details about what happened, how they recovered, and what they learned.
  • What are their protections from a ransomware outbreak?  

The more you know the better you can prepare. Dig Deeper!

 

 

 

 

 

John Ahlberg
CEO, Waident

CIO in the corporate world and now for Waident clients. John injects order and technology into business process to keep employees productive, enterprises running, and data safe.

Subscribe


Related posts

Using LastPass? Run for the Hills!

Using LastPass? Run for the Hills!

I’ve been a big proponent of using a password manager for years. Managers allow users to develop a litany of complex, effective passwords without having to remember or write down tens if not hundreds of passwords. I’ve touted the password manager called LastPass as...

Myth-busting: Safe Cloud Storage

Myth-busting: Safe Cloud Storage

John Ahlberg and John Quinn talk about the benefits of cloud backups, common misconceptions regarding cloud data storage, and cybersecurity 101 for business. One of the most common misconceptions is that data is "protected" when it is stored in the cloud. It is a...

Waident on YouTube!

Waident on YouTube!

We are excited to announce that Waident launched a series of short talks on YouTube!   Meet IT experts: John Ahlberg, the CEO and founder of Waident Technology Solutions. John worked as a CIO in the corporate world and now he makes sure Waident keeps people...

Subscribe to our blog!

Get our latest thinking to keep your people productive, your enterprise running, and your data safe.

Share This