Spud in the News

When it Comes to Your Data Security Who's Responsible?

When it Comes to Your Data Security Who's Responsible?  - Spud in the News | Spud Software - unnamed_(17)

National Cyber Security Awareness Month: In the age of cloud computing, who takes responsibility for data security?

As we continue with our focus on cyber security, it's important to acknowledge that there is some confusion when it comes to who is responsible for the security of a company's data, especially when that data is stored in the cloud. If your data is being stored in an off-site, cloud-based solution, are you ultimately responsible for its security? Is the cloud provider responsible? Who will be called to account if there is a data breach? The answers to those questions are not as simple as most executives would like, but they're vital to consider when handling sensitive data.

A survey released in September by Barracuda Networks Inc., a firm specializing in data security, reported that 44 percent of companies polled run their infrastructure in the public cloud with that percentage expected to double over the next five years.

But the survey also revealed significant confusion over who was responsible for the security of data stored in the cloud, with 77% of respondents saying the cloud providers were responsible for securing their data while 68% of IT executives believed cloud providers were also responsible for application security.

Data security "remains a key concern for organizations evaluating public cloud, and there’s confusion over where their part of the shared responsibility model begins and ends," said Tim Jefferson, vice president of public cloud at Barracuda.

When it Comes to Your Data Security Who's Responsible?  - Spud in the News | Spud Software - unnamed_(1)

Before you agree to work with any cloud provider it's important to express your expectations and address a few key issues related to cloud security. For example, where is your data being stored? What are likely threats to the security of your data, and how are these threats mitigated? Who is responsible for the major aspects of security, including access management, data encryption, security and vulnerability testing and secure deployment? The answers to these questions should be addressed in a legal contract prior to deploying any data to a cloud service provider.

Of course, if you're storing data in the cloud, we all know by now that it's important to ensure that data is encrypted. (If you're not familiar with encryption and you missed our previous newsletter detailing its importance, you can read it here.) But the level of access you and your cloud provider have to your encrypted data largely affects the burden of responsibility. Do you maintain your encryption keys? Does your provider? Do you both have access to and maintain your encryption keys? If both parties are in control of the encryption keys, both parties are responsible for the encrypted data they control. 

Also, much of the responsibility for the issues relating to cloud security can be determined by which of the three main application architectures you are using for your hosting solution: infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS)  or software-as-a-service (SaaS).

With the IaaS model, the cloud vendor only provides the infrastructure to host data while the user functions as the network administrator. Thus the cloud user accepts the responsibility for all persons with access to the server and applications and maintains encryption keys for all data stored within. They are also responsible for any necessary security patches or audits required on their applications. 

Similarly, with the PaaS solution, the cloud provider secures and monitors the provided database, but the cloud user is responsible for access management and the data itself.

With SaaS solutions, the security responsibility is shared between the vendor and the cloud user, and the vendor assumes significantly more responsibility than in the other two models. The user is still responsible for access management, but as the cloud vendor is providing the application, they assume responsibility for the program interface and security within their system. This includes security and vulnerability testing, secure deployment practices and application code scanning.

When it Comes to Your Data Security Who's Responsible?  - Spud in the News | Spud Software - unnamed_(2)

If your company is currently operating in a cloud-based environment, or you're considering moving to a cloud-based application and you're unsure of who is responsible for the security of your data, Spud Software is here to help. Contact us and a member of our experienced staff can help you determine if your data is secure, and what solutions are best suited to your company's IT security needs.

If you're interested in learning more about web applications and how they can impact your business, you can join us on November 2nd for the Auburn Hills Chamber of Commerce Business Development Series. Larry Bossman, Spud Software's Sales Director, will be hosting a discussion on how to make software investments profitable for your company.

You can register for the event here.

When it Comes to Your Data Security Who's Responsible?  - Spud in the News | Spud Software - unnamed_(18)

When it Comes to Your Data Security Who's Responsible?  - Spud in the News | Spud Software - Screen_Shot_2017-09-06_at_11

Sweet, seven year old Bonnie is still looking for her forever home. This adorable 75 pound pup thinks she's a lap dog and will be like velcro by your side. If you're looking for a constant companion, Bonnie is your girl. Would you consider making it her lucky day?

When it Comes to Your Data Security Who's Responsible?  - Spud in the News | Spud Software - unnamed_(19)

If you're interested in adopting James or any of the other residents at Lucky Day Animal Rescue, visit their website and fill out an adoption form.  You can make it some animal's Lucky Day!

When it Comes to Your Data Security Who's Responsible?  - Spud in the News | Spud Software - Screen_Shot_2017-09-06_at_11

When it Comes to Your Data Security Who's Responsible?  - Spud in the News | Spud Software - unnamed_(20)Last weekend we spotted a Spud shirt at Lucky's Steakhouse. Jeff obligingly modeled the classic blue shirt in front of the specials sign. That filet and lobster sure sounds good. Hope you enjoyed your meal, Jeff!


Have you seen a Spud shirt lately? Send us a picture to be featured in our newsletter!

When it Comes to Your Data Security Who's Responsible?  - Spud in the News | Spud Software - Screen_Shot_2017-09-06_at_11

"The pessimist sees difficulty in every opportunity. The optimist sees opportunity in every difficulty."

- Walt Disney


October Is National Cyber Security Month

Does your cyber security plan make you more than a statistic? In the wake of multiple data breaches, ransomware attacks and backdoor hacking incidents, it seems like National Cyber Security Awareness month couldn't have come at a better...

Backdoor Vulnerability - Is Your System At Risk?

News of yet another security breach spread over the internet Monday morning. Researchers discovered that the Avast-owned security application CCleaner for Windows had been compromised by hackers who had installed a vulnerability in the malware removal tool. This vulnerability opened up millions of

Encryption: The Best Defense for Your Data

Do you know why encryption should be your first line of defense? Encryption is one of those words we use a lot in the software industry, and for good reason. When it comes to protecting your data, it is our first, and best, security solution....

Have You Prioritized Your Processes?

Does your company have a road map to success? Just as the choices we make day-to-day determine our course as individuals, the processes you follow as a company determines your organization's success. And the efficiency and effectiveness...

Domain Shadowing: The Hidden Threat to Your Domain

Is your domain safe from shadowing? Your business thrives on its reputation, and we know that you work hard to build a positive name in your community and your field. But maybe you've never considered your cyber reputation, or more aptly,...

Industry 4.0: Changing Modern Manufacturing

The next generation of manufacturing is taking off. If it seems like everything is going "smart" these days, that's because that's exactly what's happening. Smart technology is spreading across our world, from the...

The Benefits of Microsoft Azure

Fast, reliable cloud computing that's now going local. Yesterday Microsoft announced that their private cloud platform, Azure Stack, is ready for its first customers. Previously available only as public infrastructure and platform...

Keep Your Technology Cool

Summer is an important time to keep your cool. The warmth of summer is a great time to head outdoors and enjoy some fun in the sun, but it also challenges us to find ways to keep cool. And while you're focusing on keeping yourself cool,...
Page: 12345 - All
Spud Software, Inc. BBB Business Review