26 Oct 2021

How cloud services help boost cyber resilience

Genetec's Steve Green takes a look at how organisations can secure their cloud-based software.

Cloud-based software solutions are often more powerful, convenient, and affordable than locally hosted alternatives, but many people wonder: are they really secure?  

More than 96% of organisations have adopted some form of cloud technology, yet many organisations haven’t yet put in place all the policies and procedures they need to protect sensitive data from cyber threats.  

Modern cloud systems include many layers of security designed not only to protect against malicious actors but also human error. Data breaches are not only caused by black hat hackers cracking encrypted code but possibly by something as simple as an intern or employee sharing login credentials with the wrong people.  

That’s why it’s important to look for cyber security features in cloud software that include not only things like sophisticated data encryption, but also tight access controls, two-factor authentication, and multiple levels of system logging, monitoring, and reporting to proactively identify unusual activity and mitigate potential threats.  

What is cyber resilience? 

A robust cyber security approach doesn’t only focus on protecting vulnerable systems from data breaches and malware. It includes developing systems and processes to ensure cyber resilience.  

Resilient systems are designed to limit the impact of cyber threats and unauthorized system access and reduce the time it takes to recover from an accidental or malicious security breach.  

Here’s an example: at Company A, employees share one admin-level account with the power to access and modify all online systems. At Company B, each employee has their own username and password, and can only access the information needed to do their job. Let’s imagine both companies hire a summer student who writes down their login information on a post-it note, and accidentally drops it on the street. Which company would be more resilient to threats resulting from unauthorized access using the lost login information? With stringent password policies and cyber hygiene, Company B will have a more secure deployment than Company A, even if the security technologies they use are the same.  

Are cloud-based solutions right for you?  

Cloud-based solutions offer many benefits over on-premises systems, especially for businesses that do not have the IT staff or expertise to maintain and update software regularly. If you do have internal IT resources, you may also want to explore a hybrid deployment model, which combines cloud-based and on-premises solutions.  

Choose a provider who will assign a cloud security expert to help you set up a cyber-resilient system. Your provider may also offer advice to support you in developing cyber hygiene protocols to reduce the likelihood of a breach caused by human error.  

Ask your software providers about how they ensure that your data are protected, and what measures they have in place to control access to private information.  

Simple but effective tactics like ensuring important data are backed up in a separate cloud environment, or limiting staff access to only the applications, systems, and network infrastructure they really need are important but often overlooked ways to mitigate risk. Ask also about their approach to supply chain risk management; we recommend purchasing only security hardware and software that are produced by trustworthy manufacturers who follow cybersecurity best practices.   

Remember: your security system is only as secure as its weakest point (or the least trustworthy device connected to it).

How Genetec ensures safety in our systems 

Being concerned about cyber security is natural when so much sensitive data is stored online. We believe cyber security is a responsibility shared by every employee, contractor, and partner — not just our IT experts.  

At Genetec, we have long advocated for stronger data protection and privacy controls in our industry. We ensure our systems are cyber resilient through a combination of security controls, redundant data storage, and stringent employee training.  

 

Article by Steve Green.

Steve Green is a Business Development Manager at Genetec. Steve brings over 20 years of experience in the IT and Physical Security sectors, and in that time has worked for some of the industry-leading software manufacturers and solutions providers. Since joining the company in 2015, his focus has been on working closely with customers in the oil, gas, energy and transports industries, to develop their use of Genetec solutions.