Staying safe in the cloud: tips for businesses
Staying safe in the cloud: tips for businesses
Advances in cloud technology have impacted UK businesses profoundly in recent years, allowing flexible access to data and greater opportunities for those looking to work from home. As attitudes towards conducting business change and become more flexible, it is crucial to find a balance between data accessibility and data security. 

According to the Cloud Industry Forum, 88 percent of UK businesses are now using cloud services. With this figure predicted to rise, so too will the number of cyber-attacks and digital threats.

While using the cloud may involve online data security risks, there are several tools and practices that IT departments can implement to stay safe when moving to the cloud.

Key security threats 

Data breach

The possibility of a data breach is one of the biggest threats to security in the cloud. A data breach occurs when sensitive data is released for unauthorised consumption. Although data breaches are not unique to the cloud, they have certainly dominated headlines in recent years. 

Account hijacking 

This occurs when hackers gain access to user credentials through phishing and fraud. Once they have access, attackers can go on to seriously disrupt your business by carrying out malicious activity. Account hijacking can be worrying for any business owner, as it acts in a similar fashion to identity theft. Once your account is hacked, the person responsible impersonates you and can damage the reputation you have worked so hard to build.

Malicious insider

70 percent of unauthorised access to data is committed by a company's own employees. A malicious insider is an employee, former or current, with multiple levels of access to a system or network and with an intent to misuse data. System administrators, in particular, can cause problems for your security if they prove to be a malicious insider, due to their high level of access to sensitive information. 

DoS attacks

Denial of Service (DoS) attacks aim to cause a server breakdown through excessive requests for service, which flood the server and cause it to over-consume its own resources. This type of attack slows down cloud services and apps and prevents users from gaining access to data. 

Tips for staying safe


Encouraging a culture of creating strong passwords in your company can mitigate these threats. The most effective passwords use a mix of upper and lower-case letters, numbers and symbols. In addition, it's best to avoid using any personal information, change passwords regularly and to use a variation of passwords across different services and apps. Tools such as Lastpass or Dashlane can help you manage your passwords to keep them secure. 

Choose suppliers carefully 

It's important to do your due diligence and to investigate how secure your data will be before investing in a specific cloud service. Consider the supplier's approach to encryption, password protection, user controls, backup process and of course their reputation. 

Establish a company policy

It's also useful to implement a company-wide policy regarding the use of cloud software. It can specify how users are managed and how employees are allowed to engage with the cloud. Investing in regular cyber-security training for your company will ensure that the human element of risk is reduced - if people know about the key threats faced by the business and how they can help, a culture of security will begin to develop.

Keep sensitive data off the cloud

No matter how secure you think you are in the cloud, it's always a good idea to store your most sensitive data on a local server. There is never a 100 percent guarantee of security on the internet, and it is prudent to consider which data your business needs to protect offline. 

Contributed by Jamie Scott, content creator, Sage. 

*Note: The views expressed in this blog are those of the author and do not necessarily reflect the views of SC Media UK or Haymarket Media.