Without a doubt in our minds, we believe that businesses are moving in greater numbers to the Cloud. It is also true, however, that organizations face dangers of unencrypted databases in the Cloud.
Enterprise Businesses Worry about Data Stored in the Cloud
The major stumbling block for enterprise organizations moving to the Cloud has been their fears about enterprise data security when stored in the Cloud. Up until recently, enterprise organizations have used hybrid cloud solutions in which the company uses Cloud services for some applications and private cloud services for data storage. In recent years, those fears subsided somewhat. No less an expert than Gartner’s 2012 report on IT, predicted that by the end of 2016, 50% of Global 1000 enterprise companies would store sensitive data in the public Cloud. According to Forbes, at the end of 2016, 75% of enterprise companies have at least one app or platform operating in the Cloud and experts expect that concentration to grow throughout 2017.
Small Businesses: No Longer Immune to Cyber Attacks
Small businesses have taken to cloud computing enthusiastically over the last few years because it’s efficient, lower-cost, and doesn’t require heavy investment in hardware and infrastructure.
- According to Symantec, in 2015 43% of cyber attacks focused on small businesses (up from 18% in 2011).
- According to the Ponemon Institute in its report “2016 State of SMB Cybersecurity”, only 14% of small businesses in the study believe that their efforts to reduce cyber risks and attacks, as well to identify and resolve vulnerabilities, are highly effective.
- Many small companies (60%) that suffer cyber attacks go out of business within six months of the attack.
Top Security Threats of Concern in 2017
- 66% of small businesses worry about data theft from customer accounts;
- 49% of small businesses express concern about intellectual property;
- the more workload and software that businesses transfer to the Cloud, the more cyber hackers will attack the Cloud as their next treasure-palace;
- Ransomware attacks will not only continue to increase in 2017 but will continue the advancement in more advanced techniques; and
- Hackers will continue to take advantage of known system vulnerabilities. The recent ransomware global attack called WannaCry is a good example of hackers taking advantage of a known software vulnerability that if closed would avoid attacks — but the issue wasn’t fixed before hackers took advantage of the defect.
Within the next three years, a large percentage (43%) of enterprise organizations plan to move data storage and data management to the Cloud, while another 43% plan to move data analytics to the Cloud. That makes the Cloud a target-rich environment.
What Stored Information Do Cyber Criminals Consider Valuable?
The following information faces constant attack:
- Healthcare records offer hackers with a fountain of information about people: social security numbers, dependents, job, addresses, phone number, insurance policy information, etc.
- Health records are currency in today’s market. In fact, hackers consider health record information 100 times more valuable than credit cards. Data hackers cost the health care industry $5.6 billion a year. A single health record can fetch $500 on the dark web.
- Medical apps, like those to help monitor diabetes, often have no security against sharing information with third parties so the medical information is not private like users think. While sharing health information seems a laudable goal for the patient, it leaves a huge hole in data security if the third-party does not secure its system from hackers.
- Hackers in today’s market target large and small businesses with precision. They target business data, stored sensitive information about acquisitions and mergers, and embarrassing information they can use to harm a company’s reputation.
- Corporate hacking often involves stealing social security numbers. They are the magic wand for information on all of our lives. Hackers often “spear-phish” for state/federal tax records, W-2s, and employee records in the attempt to gain social security numbers and other private information that they can turn into gold.
How Can Businesses Protect Against Hackers?
We emphasize that keeping networks and applications up to date with security patches is critical to all businesses, not just those that store data in the Cloud.
All hospitals should encrypt medical records to limit access to authorized persons. Indeed, all businesses should take a hard look at their security practices (passwords, multi-level authentication, etc.) to see whether they should upgrade or tighten the encryption.
Gartner says that through 2020, 95% of Cloud security failures will be the customer’s fault, not the Cloud provider — which means businesses have to take more responsibility for security even when operating in the Cloud.
We look forward to helping you protect your business, please contact us.