When it comes to security, countless people still believe that cloud computing is inherently unsecure; many think that the only way to keep data safe is by using an on-premise server with strong perimeter security. For government organizations, overcoming this universal misconception is one of the biggest barriers to adopting cloud-based data storage. The idea that an on-premise server is completely safe is incorrect – no system is entirely safe. Given enough time and resources, any tool can be compromised. Even a powered off computer, disconnected from the Internet can still be stolen and hacked. In fact, a majority of companies making headlines for their cyber breaches were using traditional, on-premise data systems. Data stored in the cloud can be safer than on-premise data; storage just has to be done correctly.
Many people begin with the question “Where is my data being stored?” when they should really be asking “How is my data being protected?” Technology and attack methods are evolving so quickly that perimeter defense and network security are no longer enough to stay protected. Attackers are realizing that they don’t have to spend the time and resources trying to break into a system from the outside in. Through detailed and convincing phishing schemes, it’s much easier to simply gain access by tricking someone on the inside to give away their passwords. A hacker only has to be right once to gain entrance, but an organization has to get it right all the time to keep threats out. This is why it is imperative to update your approach to protecting and securing the enterprise.
For example, Google security experts suggest organizations should build new technology for the future instead of trying to patch past IT to compete with the latest hacks and attacks. Google’s team of 500 dedicated security experts created a completely new way to securely store data in the cloud: a virtual maze that protects data through multiple layers of security. In Google’s cloud storage systems, data is broken up into several pieces, assigned a random name, and distributed across at least two separate data centers. As a result, even if a hacker were able to gain access to the information, they would only have a single puzzle piece of the data and no way to link it to the owner. The data itself is also encrypted in a way that renders it illegible to the threat actor. This creative security strategy would be impossible on an on-premise data server; that’s why moving data to the cloud is becoming the trusted choice for data security.
In addition to Google’s data storage strategy, standards such as FedRAMP, FISMA, and NIST ensure that IT solutions meet certain security protocols to be considered safe for government organizations to use. However, it is still important to recognize the need to continuously update security strategies and enforce the latest best practices. Accreditations are a great starting point, but agencies must build security beyond them in order to be as comprehensive as possible. “Security is really hard, it’s difficult, it’s expensive,” says Loren Hudziak, Solutions Architect at Google. It’s not something that organizations themselves should have to be experts in; however, cyber teams should recognize it is the main job of the person trying to break into the system. In order to have true security and protection, agencies must fully protect their data regardless of where it is located.
To learn more about Google’s data and cloud security strategies, stop by the Google booth, #230, at DoDIIS 2016. You can also check out Loren Hudziak’s full cloud security presentation here.