A recent white paper by Cory Louie, Head of Trust, Safety, and Security at Dropbox, the free and highly popular cloud-based service that lets users store photos, documents and videos and access them anywhere at any time, made some salient points on the security of cloud-based solutions that we thought was worthy of sharing. The premise of Louie’s piece is that the cloud is no less secure than on-premises software, despite widespread perceptions to the contrary, and that “giving up physical possession doesn’t mean you’re giving up security.”
Privacy Rights Clearinghouse reports that physical theft, employee mistakes, and insider threats were responsible for 42.7% of data breaches in the United States in 2013, and in another 29.6% of the breaches last year, hackers broke into data owned by companies and government. The cloud can not be blamed in these instances.
The cloud is not infallible, as Louie points out, it is “40% more likely to suffer a web app attack and 10% more prone to a vulnerability scan weakness than an enterprise data center.” However, “in recons, malware, bot, and app attacks, the cloud seems to have less risk than on-premises” software.
Neither cloud-based solutions nor on-premises options can boast 100% security, but Louie’s white paper illustrates that the widespread notion that the cloud offers inferior security to in-house software is a fallacy. In fact, it offers a number of advantages. Still, it’s all about managing risks and determining if the security advantages the cloud offers is right for you and your organization, and Louie’s piece offers several insightful tips on how to go about making that determination.