Despite security concerns, new cloud users still overlook critical data safeguards
Through 2022, say experts, at least 95 percent of cloud security failures will be the customer’s fault due to the lack of effective data security strategies.
As migrations go, the data-to-cloud migration is perhaps one of the most rapidly growing migrations in history. But while there are many good reasons why healthcare organizations are moving, and probably should move, many of their applications and workloads to the cloud moving data is certainly not without risk.
Writing recently at NetworkWorld, Rick Braddy, founder and CEO of Houston-based SoftNAS, a cloud data platform company, described seven common pitfalls to which companies have a tendency to fall prey.
First was the absence of an overall data protection strategy. As he sees its, whether a company’s data are “safe at rest or in-transit,” it’s absolutely critical that it be recoverable if disaster strikes. “Consider the threat of corruption, ransomware, accidental deletion, and unrecoverable failures in cloud infrastructure. If the worst should happen, and you expect more than an apology or a refund, then a coherent, durable data protection strategy is essential.”
Another pitfall, says Braddy, is the lack of a rapid data recovery strategy. “(F)ew cloud native storage systems provide snapshotting or offer easy rollback to previous versions, leaving you reliant on current backups,” he says. “You need flexible, instant storage snapshots that provide rapid recovery and rollback capabilities for business-critical data and applications.”
Yet another, related oversight is the lack of a data availability strategy.
As he sees the cloud world in practical terms, “Hardware fails, people commit errors, outages are an unfortunate fact of life. It’s best to plan for the worst, create replicas of your most important data and establish a means to quickly switch over whenever sporadic failure comes calling. Look for a cloud or storage vendor willing to provide an SLA guarantee for your business.”
Other oversights include no multi-cloud interoperability strategy – “Vendors want to entangle you with proprietary APIs and services, but you need to keep your data and applications multi-cloud capable to stay agile and preserve choice.” – and no disaster recovery strategy.
In the end, he understands the temptation to cut corners and keep costs down with data management, “but it’s short term thinking that could end up costing you a great deal more in the long run. Take the time to craft the right strategy and you can drastically reduce the risk.”