Of the concerns people have about cloud security today, data control and data loss rank high—just second behind BYOD according to Infonetic’s April 2013 report. No wonder the market for cloud-based security services is growing at 69%.
Data control and loss is top of mind at Sendmail, too, where we recently announced new products and services to help large organizations securely move and keep email safe in the cloud.
Despite the popularity of texting and social networking, email remains the preferred method of communication in the enterprise, transporting not only the data within the messages themselves but via the attachments they carry with them.
Not only is this a ton of data, most of it is considered sensitive.
So what happens when all this email data is moved to the cloud? What are cloud providers and security vendors doing to secure it? Should businesses be concerned?
Most definitely yes.
Instead, many businesses are rushing to email-in-the-cloud without taking a fresh look at how to keep sensitive data from getting into the wrong hands—whether its unlawfully transferred, stolen, or simply accidentally sent where it shouldn’t have been. This is a mistake, because the migration of email to the cloud requires proper planning and new methods of management.
If your organization is thinking about making the move to cloud-based email, here are some things to consider:
- Keep high-value email user accounts on-premises, maintaining strict management and encryption of their message flow, while allowing rank-and-file users onto the cloud where most providers don’t have the robust policy engines or TLS, S/MIME and other message encryption required to ensure the strictest level of data security.
- Even the basic policy enforcement and spam filtering offered by cloud providers may require access to your Active Directory and other LDAP sources, which creates security and privacy concerns.
- Identify which applications can’t be run in the cloud as they require access to data that isn’t exposed to the Internet.
- Unless you go private, the cloud is a publicly shared resource using shared resources and comingled databases and logs, which means forensics, log data, auditing, messaging tracking and other features you get on-premises either aren’t available in the cloud at all or can take days to request it from the cloud service providers.
- A company may feel comfortable with and trust their cloud provider after doing their due diligence, but cloud service providers often have a multitude of partners (data center partners, storage and back-up for example, who they themselves have partnerships with). Businesses need to have a complete view of the entities that their data may be exposed so they can make informed decisions and reduce their risk exposure when moving email to the cloud.
Sendmail, and our cloud partners, provide enterprises all the necessary tools, services and expertise to help them reap the benefits of the cloud while minimizing the security risks of moving email to the cloud–check out our recent press release summarizing how we are helping Fortune 1000 companies do just that.