CHRIS HARRIS , EMEA TECHNICAL ASSOCIATE VICE PRESIDENT , DATA SECURITY , THALES
intelligent
// EDITOR ’ S QUESTION ?
CHRIS HARRIS , EMEA TECHNICAL ASSOCIATE VICE PRESIDENT , DATA SECURITY , THALES
C loud security is now at the heart of business security concerns , according to Thales ’ Data Threat Report , with 72 % of organisations citing this as an ongoing issue in the age of cloud computing . With many SMEs facing additional security concerns , given they often have fewer dedicated security teams and less robust defences in place , protecting cloud data is of paramount importance in today ’ s climate . With this in mind , here are some best practice tips for SMEs looking to strengthen their cloud data protection :
Prioritise compliance
Enterprises that successfully passed their security audits had significantly lower chances of cloud data breach . According to the 2024 Thales Cloud Security Study , 14 % of respondents reported a cloud data breach in the last 12 months , compared to only 4 % of those that passed their compliance audits . What may seem like a mundane tick-box exercise is clearly a critical requirement to ensure defences are robust enough to stay ahead of an ever-changing landscape .
Take a proactive approach
Although complying with requirements is essential , taking a proactive approach is especially important as the landscape rapidly develops and changes form . Businesses should continually assess and audit their defences and change how they ’ re authenticating their systems and data accordingly .
Instead of waiting for the eventuality of a breach , business leaders can also practice proactive tabletop exercises , so they are prepared should an attack take place . This allows them to tackle weaknesses and vulnerabilities that emerge ahead of real threats .
Address lack of encryption
There is an alarming lack of encryption across cloud data , according to Thales ’ research . Less than 10 % of enterprises said they have encrypted 80 % or more of their sensitive cloud data . SMEs need to roll out widespread encryption to ensure data – whether at rest or in transit – is safeguarded against unauthorised access .
“
WHEN DEVELOPING
DEFENCES AND ROLLING OUT SECURITY POLICIES , IT ’ S IMPORTANT TO CONSULT EMPLOYEES ABOUT THEIR PREFERENCES TO ENSURE THE MEASURES ARE FEASIBLE AND NOT SUBJECT TO WORKAROUNDS .
Segment access
The 2024 Thales Cloud Security Study found that 47 % of data in the cloud is sensitive , making the implementation of access controls more important than ever . Businesses should segment access to ensure only essential personnel can reach sensitive data . Additionally , implementing multi-factor authentication ( MFA ) requires users to verify their access rights through multiple authentication factors .
Tackle human error
Thales ’ 2024 Data Threat Report revealed human factors are still a major cause of cloud data breaches , with cybercriminals capitalising on the human propensity to make mistakes in order to capture sensitive credentials or gain access to the cloud .
From a technical perspective , SMEs can consider shifting from passwords to biometrics or other stronger , easier-to-use systems like passkeys . This reduces reliance on the human memory of their workforce . When developing defences and rolling out security policies , it ’ s important to consult employees about their preferences to ensure the measures are feasible and not subject to workarounds .
From a behavioural perspective , cybersecurity awareness training is critical to build cyber literacy across the organisation . This training encourages critical thinking to spot threats like phishing emails and promotes a culture of collective responsibility , highlighting the role employees play in protecting both themselves and the organisation . �
Intelligent SME . tech |
|
. tech |
23 |