Cloud Security Alliance identifies new data security risks
The Cloud may be a hole in your data security.
As concerns grow regarding how secure your data really is when stored in the Cloud, the industry must react. The Cloud Security Alliance (CSA) has made additions to the guidelines of its Cloud Control Matrix (CCM). This attempt to fortify its reputation as a safe tool for business is positive for users. The Cloud wasn’t necessarily designed to prevent a data breach, but it certainly shouldn’t be a hole in your company’s data security. So how many of these guidelines does your business adhere to? Where are your holes?
A mobile device can be the key to a data breach.
It should come as no surprise that the first of five new categories added to this version of the CCM is mobile security. The CSA has apparently been running into issues with how the Cloud is accessed through mobile devices, so much so that they felt it was necessary to outline best practices for how employees should use cloud-based services on their phone.
Sean Cordero, one of the executives in charge of creating the new guidelines, believes that each company must have a strict policy in place for what services are allowed to be used on an employee’s phone. Sometimes even when such a policy exists, the company fails to make all of its employees aware of it.
Does your company limit what services can be used on mobile devices? The Cloud is convenient, but if someone has access to it, they have everything. If passwords are stored in a phone or even if user history exists, it could be easy for a cyber criminal with possession of the device to access the data your company has in the Cloud. At that point a data security breach could be massive.
Maybe your company has implemented a strict policy for mobile devices. Can you be sure none of your employees bends the rules when he/she takes work home? Cordero points out that it’s common these days for employees to simply use their personal devices for work instead of a company phone. Services like the Cloud have made the transitions from personal to professional life seamless. But that’s not good for your company’s data security.
An employee looks at his personal phone as a tool for life, not just business. This means he may not think twice about sitting back on the couch and moving from personal email, to work email, to the Cloud. And because it’s his tool for life, he takes it everywhere, making the odds of it winding up in the wrong hands (anyone’s hands) exponentially more likely. When it’s time for a new phone, he may not even consider what sort of company information his phone could expose.
Don’t worry; TechR2 wipes mobile devices clean.
While TechR2 specializes in all kinds of onsite data destruction and general data security, its system of collecting and recycling retired mobile devices is simple and effective. When an employee moves on to a new mobile device, don’t risk having it disposed of at his/her discretion. It’s crucial that once it’s out of use it never leaves the building. With TechR2, all mobile devices must be deposited into the secure container at your place of business. Then, the TechR2 team comes to your site to destroy the retired devices and then recycle them responsibly.
Advanced services like are available for companies that want elite data security protection. These days, who wouldn’t? Secure containment, inventory tracking, and certified onsite data destruction—TechR2 has you protected.