THE WINDWARD WIRE

The Security of Cloud File Sharing

Mindy Rathe
October 19, 2012

With all the news recently about stolen email addresses and credit card information, protecting internal networks and maintaining firewalls from hackers and spammers is a challenge enough on a good day. How secure then is "The Cloud," especially when it's used for something as potentially critical as file sharing? To answer this question you need to consider two things:



   How secure is the data center housing the servers or "cloud" where your data is stored?
   

  • How secure is the data in transit between your organization and the cloud?
       



  • Data Center Security

    Formerly called SAS70 Type II, you will want to make sure your data center adheres to the most rigorous current standards under SSAE-16. You will also want to see if the facility has successfully passed at least SOC 1, which is the updated security audit under SSAE-16 guidelines.

    For an additional layer of security, you will want a data center that maintains all servers responsible for authentication and encryption key management in a separate facility from that housing the encrypted file data. This ensures that the encrypted file data and proper file version encryption key are brought together only on an as-needed basis and in a tracked manner, preventing a single point of compromise.

    Finally, when data has reached its end according the user's retention policies, you will want a data center that properly removes all decommissioned data as part of the "sanitization process." To ensure proper sanitization, data centers need to adhere to DoD 5220.22-M ("National Industrial Security Program Operating Manual") and NIST 800-88 ("Guidelines for Media Sanitization").

    Security of Data in Flight

    The security of data transmission is equally critical to that of the data center itself, and is often more at risk. You will want a data center that stores files utilizing military-grade AES SSL encryption set to its highest 256-bit level with a strongly generated key that is unique to each file revision - both of which serve to substantially increase security by increasing the level of work required for a compromise and by limiting the potential scope of vulnerability to a single file revision.

    Have Confidence

    If you use a data center and cloud file sharing service that adheres to all of the above, you can have confidence that your information will be secure and you can worry about more important things - like where to have lunch.

    Contact us to learn more or for a free consultation