Posted by Kalyani M. on Sep 27, 2013
Small businesses have been stuck in a security limbo over the past few months. News of the NSA’s PRISM program has frustrated consumers and has complicated the international market. Widespread cloud fears and worries of government surveillance programs, as well as the prevalence of state-sanctioned hacking have prompted many businesses to cancel contracts and forgo the cloud altogether. But security fears shouldn’t keep you or your business from capitalizing on all that the cloud has to offer. With a secure cloud service that offers zero-knowledge storage, data privacy, strong encryption, and user anonymity, SMBs can leverage the cloud without worrying about dealing with the headache of a breach or leak.
Consumer fallout following revelations of the National Security Agency’s PRISM program are set to cost U.S. cloud service providers up to 20% of the foreign cloud market for a potential combined loss of $35 billion. The Information Technology & Innovation Foundation (ITIF) recently put out a report that claims that lack of consumer trust could derail the American cloud for the long term. According to the report’s author Daniel Castro, “If U.S. companies lose market share in the short term, it will have long-term implications on their competitive advantage in this new industry. Rival countries have noted this opportunity and will try to exploit it.” And a report by the Cloud Security Alliance revealed that 10% of respondents cancelled contracts with U.S. cloud providers following news of the PRISM program leak.
Another survey of executive-level managers shows that 49% of respondents believe that the cloud will positively benefit their business but have been hesitant to adopt the technology due to security fears. According to cloud engineering specialist Ryan Stenhouse, the cloud actually can be more secure than what many businesses are currently using. Stenhouse says, “If anything, you have more control over what you’re deploying on, since you have no fixed allocation of resources – you use as much or as little as you need and that leads to savings. The biggest security concerns are around access to your data on your VM, you should carefully investigate the controls providers have in place to secure your environment. Big providers such as Amazon and Rackspace make this information available and are accredited to the highest industry standards.”
Still, businesses should be wary of exactly which providers they trust with their sensitive data as companies offer a wide range of security protections, from the virtually nonexistent to the practically uncrackable. Vice president and general manager of Cybersecurity Sam Visner says, “Data protection is a particularly important concern. Organizations need to ensure that their cybersecurity policies and protections cover information assurance — particularly as they seek to unlock the value of information and big data and use it to make high-value decisions regarding customer strategy, public policy and national security. The survey shows we still have some way to go to allay these types of cybersecurity concerns.” One of the biggest blocks to adoption is lack of understanding of how to proactively protect data. According to Visner, “Information technology professionals in general, and CIOs in particular, need to be informed about the controls necessary to protect their operations and the providers’ approach to meeting those controls. Those contemplating the acquisition of cloud services should look carefully at how security certification or attestation is being performed, and who is performing it.” For SMBs looking for strong security protections, zero-knowledge data policies are essential. This way, only your company has access to your sensitive data.
SpiderOak for Small Businesses
For most SMBs, finding a truly protected third party cloud service can be a challenge as many “secure” services on the market have security gaps that leave data and private company info wide open to third party attacks, leaks, or hacking. One cloud storage and sync service that sets itself apart from the rest of the market is SpiderOak. This service provides businesses with fully private cloud storage and syncing, featuring all of the benefits of the cloud along with 100% data privacy. SpiderOak is available with onsite deployment and private servers or outsourced deployment through a private and secured public cloud server, so that users can tailor the service to fit their needs.
SpiderOak protects sensitive user data with 256-bit AES encryption so that data, files, and passwords stay private. Authorized accounts and network devices can store and sync sensitive data with complete privacy, because this cloud service has absolutely “zero-knowledge” of user passwords or data. And all plaintext encryption keys are exclusively stored on approved devices because SpiderOak never hosts any plaintext data. This way, even if programs like NSA’s PRISM continue to stand unchallenged, SMBs can rest easy knowing that their data is truly protected. SpiderOak’s cross-platform private cloud services are available for users on Windows, Mac, and Linux platforms, along with Android and iOS mobile devices, allowing for full flexibility and enabling a secure mobile workforce.