In workplaces all across the UK, things like queuing for the printer and the use of filing cabinets are quickly becoming obsolete. There has been an increase in cloud based data storage which is widely seen to be a quicker, more convenient and easier way to manage data than the traditional storage alternatives.
According to Yaniv Bensadon, CEO of technical support website FixYa, cloud-based file storage is becoming the expected method for file sharing these days both on personal devices and in the workplace. With the new General Data Protection Regulation coming into force on 25th May 2018, it is up to employers to ensure the following principles are still met, regardless of how and where workplaces are storing their company data.
Storing data in the cloud does not necessarily mean it will be 100% secure. Workplaces must ensure that their data is protected at all times wherever it exists, and always abide by the principles of the Data Protection Act.
A survey by FixYa discovered that users of the top five cloud storage services (Google Drive, iCloud, Dropbox, box and SugarSync) are still concerned about security and missing files. When the users themselves are actually businesses, workplaces and other organisations - these concerns become more serious.
When the popular cloud storage service Dropbox was hacked back in 2012, a vast amount of data was stolen including the passwords, email addresses and personal details of some of its customers. These hackers were then able to send spam emails to Dropbox’s customers.
Apple’s iCloud was also reportedly ‘hacked’ in 2014, at the time it was rumoured that nude photos had been stolen from the private accounts of 26 celebrities and released online. In this instance it was eventually revealed that the iCloud itself actually hadn’t been hacked, the images had actually been stolen as a result of hackers bypassing Apple’s security system by simply guessing the passwords and security questions of certain users. From then on, the main concern widely associated with cloud storage has been data losses, not data hacks.
Keeping a company’s data secure is just as much the responsibility of its employees as it is the cloud provider’s. Accidents do happen, and problems or data leaks can sometimes still occur as a result of cloud-based storage. Some customers can be understanding of such issues, whereas some will threaten to pull their business. Many disgruntled customers can then choose to publicly share their discontent on social media, which can result in mistrust and a lack of confidence in the company itself. It is crucial to remember that leaks and problems can still happen using traditional methods, so the Data Protection Act must be applied to all of them.
It is important for workplaces to be vigilant and to always treat cloud-based data in the same way as they would any other sensitive information. Simple steps can be taken to protect data. Even the most basic tips have been proven to be very effective, such as insisting workers use different passwords for the cloud than they do to log onto their work PC. Scheduling backups, so that data is always available and kept safe, is also best practice. Automated backups can be arranged, but employees must be proactive and not rely on these entirely. Someone must also actively manage and monitor the cloud storage alongside this.
Workplace cloud file-sharing can still be a quick and efficient way of storing data when used correctly. Employers are advised to keep the Data Protection Act in mind at all times and generally remind their employees that cloud storage was first intended to be used more as a sharing platform, rather than as a storage platform.