Safe Cloud Computing for Contractors
Author, Drew Garcia, Vice President, Landscape Group, Rancho Mesa Insurance Services, Inc.
Even prior to the COVID-19 pandemic, many construction companies were utilizing some form of cloud-based systems to effectively streamline business operations and increase accessibility of information. While hosting sensitive data in the cloud has many benefits like shared access to data, applications and storage, there are some risks contractors should take into account before relinquishing their data to the cloud.
A leading provid//er of Cyber Liability insurance, CNA references three key risks companies utilizing cloud technology need to be aware of in an recent article, “Cloud computing 101: Getting clear about the cloud.” CNA explains data protection, data loss/disruption and inappropriate access are risks business take on in exchange for the benefits of cloud computing.
Data Protection
Protecting data is essential for any organization. Customers’ personal and payment information may be stolen by hackers once the data is stored in the cloud or even while in transit. So, your data in the cloud must be secured through encryption to prevent the data from being usable if stolen. As the cloud customer, the company should manage the encryption keys to ensure only authorized users can decrypt the data.
Data Loss / Disruption
You may be thinking about moving your data to the cloud as a way to protect it from electrical outages, fire, flood and other natural disasters. However, your cloud hosting provider can be left inoperable due to similar calamities. Before hosting your data in the cloud, review your host’s back-up and redundancies to ensure there will be a copy of your data available if something should happen to the host’s servers. Have a plan in place to help navigate your most critical information in the event something like this occurs.
Inappropriate Access
When storing data in the cloud, it is imperative the company ensures stringent and complex user authentication. This may mean passwords are changed frequently or two-factor authentication is deployed to ensure hackers can’t find their way to your data. When you manage a large user-base, the risk rises. Ensure former employees no longer have access to your data by changing security rights or disabling their account. Complex user authentication can be an effective deterrent to keep those who should not have access to your information from finding their way into your network.
Assuming your information is safe and secure in the cloud is misleading. Be proactive in protecting your information and round out your risk management program with a strong cyber liability program that can fulfill your cloud based risk needs.
For more information about the CyberOne™ program, contact Rancho Mesa.
Article edited 4/19/2021.