By Alexander Eiriksson, COO at Securstore
July 12, 2013

Securstore Online Data Backup Expert Tips: Device and Application Risks—Cloud Security Strategies

There are a number of Cloud based tools to ensure data security. But, have you evaluated device risks and application risks?

Device risks are risks associated with the Bring Your Own Device (BYOD) strategy that is being increasingly adopted by organizations. Consider the scenario. Your employees use their own SmartPhones to access and work with the enterprise data. They may have downloaded information on their devices for ease of access. They may have stored their passwords on the device for instant link up. If the phone is lost or stolen, the information contained in that device will be compromised; your database will be vulnerable. If the device does not have anti-virus software installed, any upload from the device may expose your data stores to malicious attacks.

Application risks stem from the installation of custom mobile applications that may have been purchased from third-parties, employee-developed or enterprise-developed. The security holes may be unknown and any flaws in the software construct may expose the organization network and databases to unauthorized access. A number of mobile vulnerabilities have been identified. These include insufficient transport layer protection, weak server side controls, insecure data storage, client side injection, poor authentication and authorization protocols, and broken cryptography.

Intelligent device and application security management may resolve many of the issues mentioned above without curtailing the freedom of the employee or putting organizational data in peril.

Given the proliferation of BYOD and the number of entities connecting to the network, obviously, perimeter security (while still necessary) is no longer sufficient. Organizations must involve their employees in security management. Employees, who are permitted to bring their own devices, must be trained to take security risks seriously. Physical security of the device and application level security of the data must be repeatedly emphasized to drive home the importance of ensuring that enterprise data is never to be compromised or exposed to malware or virus attacks inadvertently by employees using their own devices.

However, device lockdown will not be necessary if data level security systems are implemented intelligently. Data can be partitioned and enterprise approved applications may be made to work around this data.  Sensitive data can be firewalled and content encrypted and mandatorily stored within an encrypted container on the employee device.  The container can be malware protected and isolated from other applications on the device.  This will empower the employees and also allow them the freedom to use their SmartPhones and other hand held devices optimally for personal and official work.  The resultant agility will be to the advantage of the organization!

Securstore provides a bespoke offsite backup solution catered for customers who have both mission-critical data and non-critical data i.e. it provides customers with a secure & efficient backup and recovery solution which is sustainable over time. This coupled with agentless technology and advanced support for all environments and applications makes it suitable for any type of business, data centre provider or reseller.

Visit Securstore website

Watch Securstore video – guided tours

About the Author: Alexander Eiriksson is the COO of Securstore, an Asigra based cloud backup provider certified by British Standards Institute for ISO 27001 and ANAB. Established in 1991, Securstore provides businesses and enterprise customers a technically advanced solution in UK, Europe, USA, Africa, Asia and the Middle East.


General Tags: online backup providers directory, CEO interviews, cloud computing, backing up online, online backup reviews, compare online backups, online backup companies, SaaS, data security, online backup, data storage, online data backup, online file storage, online backup news, online file backup, online backup services, top rated online backups, software as a service

Like us on Facebook

Do you like this post? Subscribe to our RSS feed ===========================


Related posts:

  1. Securstore Online Data Backup Expert Tips: Defense in Depth – Cloud Security Strategies
  2. Securstore Online Data Backup Expert Tips: Application as a Service
  3. Securstore Online Data Backup Expert Tips: Asigra V12 – Device Agnostic Backup Technologies
  4. Securstore Online Data Backup Expert Tips: Endpoint Security – Study Reveals Status Quo
  5. SecurStore Online Data Backup Expert Tips: Optimizing Enterprise-Wide Backup Strategies
  6. SecurStore Online Data Backup Expert Tips: Face It! Data Security is a Pain in the Neck
  7. KineticD Online Data Backup Expert Tips: Identifying and Avoiding Potential Security Risks in Cloud Computing
  8. SecurStore Online Data Backup Expert Tips: Email Security and Online Backup
  9. Securstore Online Data Backup Expert Tips: Get Started and Keep Going – The Cloud Requires No Babysitting!
  10. Securstore Online Data Backup Expert Tips: Tips and Tricks for Cloud Backup

Tags: , ,