Spud in the News

When it Comes to Your Data Security Who's Responsible?

When it Comes to Your Data Security Who's Responsible? - Spud in the News | Spud Software - unnamed_(17)

National Cyber Security Awareness Month: In the age of cloud computing, who takes responsibility for data security?

As we continue with our focus on cyber security, it's important to acknowledge that there is some confusion when it comes to who is responsible for the security of a company's data, especially when that data is stored in the cloud. If your data is being stored in an off-site, cloud-based solution, are you ultimately responsible for its security? Is the cloud provider responsible? Who will be called to account if there is a data breach? The answers to those questions are not as simple as most executives would like, but they're vital to consider when handling sensitive data.

A survey released in September by Barracuda Networks Inc., a firm specializing in data security, reported that 44 percent of companies polled run their infrastructure in the public cloud with that percentage expected to double over the next five years.

But the survey also revealed significant confusion over who was responsible for the security of data stored in the cloud, with 77% of respondents saying the cloud providers were responsible for securing their data while 68% of IT executives believed cloud providers were also responsible for application security.

Data security "remains a key concern for organizations evaluating public cloud, and there’s confusion over where their part of the shared responsibility model begins and ends," said Tim Jefferson, vice president of public cloud at Barracuda.

When it Comes to Your Data Security Who's Responsible? - Spud in the News | Spud Software - unnamed_(1)

Before you agree to work with any cloud provider it's important to express your expectations and address a few key issues related to cloud security. For example, where is your data being stored? What are likely threats to the security of your data, and how are these threats mitigated? Who is responsible for the major aspects of security, including access management, data encryption, security and vulnerability testing and secure deployment? The answers to these questions should be addressed in a legal contract prior to deploying any data to a cloud service provider.

Of course, if you're storing data in the cloud, we all know by now that it's important to ensure that data is encrypted. (If you're not familiar with encryption and you missed our previous newsletter detailing its importance, you can read it here.) But the level of access you and your cloud provider have to your encrypted data largely affects the burden of responsibility. Do you maintain your encryption keys? Does your provider? Do you both have access to and maintain your encryption keys? If both parties are in control of the encryption keys, both parties are responsible for the encrypted data they control. 

Also, much of the responsibility for the issues relating to cloud security can be determined by which of the three main application architectures you are using for your hosting solution: infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS)  or software-as-a-service (SaaS).

With the IaaS model, the cloud vendor only provides the infrastructure to host data while the user functions as the network administrator. Thus the cloud user accepts the responsibility for all persons with access to the server and applications and maintains encryption keys for all data stored within. They are also responsible for any necessary security patches or audits required on their applications. 

Similarly, with the PaaS solution, the cloud provider secures and monitors the provided database, but the cloud user is responsible for access management and the data itself.

With SaaS solutions, the security responsibility is shared between the vendor and the cloud user, and the vendor assumes significantly more responsibility than in the other two models. The user is still responsible for access management, but as the cloud vendor is providing the application, they assume responsibility for the program interface and security within their system. This includes security and vulnerability testing, secure deployment practices and application code scanning.

When it Comes to Your Data Security Who's Responsible? - Spud in the News | Spud Software - unnamed_(2)

If your company is currently operating in a cloud-based environment, or you're considering moving to a cloud-based application and you're unsure of who is responsible for the security of your data, Spud Software is here to help. Contact us and a member of our experienced staff can help you determine if your data is secure, and what solutions are best suited to your company's IT security needs.

If you're interested in learning more about web applications and how they can impact your business, you can join us on November 2nd for the Auburn Hills Chamber of Commerce Business Development Series. Larry Bossman, Spud Software's Sales Director, will be hosting a discussion on how to make software investments profitable for your company.

You can register for the event here.

When it Comes to Your Data Security Who's Responsible? - Spud in the News | Spud Software - unnamed_(18)

When it Comes to Your Data Security Who's Responsible? - Spud in the News | Spud Software - Screen_Shot_2017-09-06_at_11

Sweet, seven year old Bonnie is still looking for her forever home. This adorable 75 pound pup thinks she's a lap dog and will be like velcro by your side. If you're looking for a constant companion, Bonnie is your girl. Would you consider making it her lucky day?

When it Comes to Your Data Security Who's Responsible? - Spud in the News | Spud Software - unnamed_(19)

If you're interested in adopting James or any of the other residents at Lucky Day Animal Rescue, visit their website and fill out an adoption form.  You can make it some animal's Lucky Day!

When it Comes to Your Data Security Who's Responsible? - Spud in the News | Spud Software - Screen_Shot_2017-09-06_at_11

When it Comes to Your Data Security Who's Responsible? - Spud in the News | Spud Software - unnamed_(20)Last weekend we spotted a Spud shirt at Lucky's Steakhouse. Jeff obligingly modeled the classic blue shirt in front of the specials sign. That filet and lobster sure sounds good. Hope you enjoyed your meal, Jeff!

 

Have you seen a Spud shirt lately? Send us a picture to be featured in our newsletter!

When it Comes to Your Data Security Who's Responsible? - Spud in the News | Spud Software - Screen_Shot_2017-09-06_at_11

"The pessimist sees difficulty in every opportunity. The optimist sees opportunity in every difficulty."

- Walt Disney

 

Do you know the benefits of a good UX design?

Do you know the benefits of a good UX design? Tech people throw around a lot of acronyms. We have HTML, CSS, .NET, SQL, C#, PHP - the list is like a mixed up bowl of alphabet soup. And for most people, these acronyms are as confusing as the...

We Are Hiring!

Referral Incentive for Qualified Candidates* Have you been looking for a little extra cash? Maybe you're saving up for a jet ski or camper. Whatever it is, we know everyone appreciates a little extra money in their pockets. That's why...

Are you being safe while browsing the web?

Are you being safe while browsing the web? We all love the internet. It helps us with so many things, like keeping us up to date on the latest news, learning something new, researching our favorite subject, or watching that funny video of a...

Software is Not 1 Size Fits All

Why Software Isn’t One-Size-Fits-All For some companies, out-of-the-box software solutions are not really solutions at all. If you’re reading this newsletter, you’re probably one of those companies, frustrated because you...

How do you celebrate Saint Patrick's Day?

How do you celebrate Saint Patrick’s Day? Saint Patrick’s Day is a holiday all about having fun. It’s a day that everyone is a little bit Irish; a day to hang out with good friends while eating Irish stew and drinking a...

What are dashboards and why do you need them?

A Business Dashboard is quite a powerful tool that is beneficial to both you and your company. Your business generates a massive amount of data, from simple things such as who is logging hours to more complex items such as project tracking....

New

Page: 12345 - All
Spud Software, Inc. BBB Business Review