I always believe in looking ahead, but this week I’m making an exception to feature World Cloud Security Day which was yesterday. I bet with that opening some of you already stopped reading, but if you are still here, know that there is something in this letter for you.
First, let’s define what cloud is and how it works. Your emails, calendar sync, online file storage all runs on cloud technology. An oversimplified way to put it is that cloud is collection of interconnected computers owned and maintained by someone else. This definition helps us focus on the important fact that most security concerns for your PC or Mac also apply to cloud technology. I often find people over trusting cloud providers like DropBox, Google Drive, Microsoft OneDrive, and etc. Cloud providers actually only offer very limited protection for your data. To stay competitive, they keep their costs on security to a minimum as most people only pay attention to features and functionality. Don’t worry – as always, I will take you through some good cloud security practices so you can sleep better at night.
So how do you secure your data in the cloud? A great place to start is to check your cloud service settings. Here are few helpful ones to review:
Complex Passwords: Make sure your passwords include combination of upper case, lower case, special characters, and numbers. A good rule of thumb is minimum 12 characters.
MFA: Enabling multi-factor authentication is strongly recommended to keep bad guys from accessing your account. If you are the account administrator, I also recommend enforcing this for all team members in your account.
Permissions: Chances are not all team members need access to every folder in your cloud storage. Adjusting permissions help limit the scope of damage if a regular user’s account gets breached as they can only wreak havoc on folders they have access to.
Login Alerts: Email alerts for suspicious logins and/or all login events are often available as an option. Login alerts usually get emailed to you so you can take immediate steps to secure your account.
Activity Alerts: Some cloud storage providers such as DropBox offer advance notification features which can be very helpful. Alerting of mass file deletions or modifications can help you take action quickly and lock your account.
In addition to the list above, there are third parity services that can continuously scan your data in the cloud against threats as well as provide security alerts. While I’m unable to make specific product recommendations since the services we use are for IT providers, a quick Google search should show a number of results. Just do your research before signing up for any service since bad guys often hide malicious code behind tools that look legitimate at first.
No matter how many locks you have in place, you should always be prepared for a break-in. Here are some important considerations to save the day when the unthinkable happens:
Backups: Much like your computer, cloud services should also be backed up regularly. Most cloud providers offer limited options to restore your data to an earlier date, and it can take a long time to get help from them. Downloading and keeping a local (offline) copy of your cloud data weekly will help you get up and running quickly if your cloud data is not accessible. However, this will be tedious and backups are often outdated. The best option here is to use a third parity cloud based backup provider which can take a snapshot of your data daily and you can quickly restore from when needed. One golden rule here is to ensure your backups are active by checking them regularly and performing restores time to time for verification.
Cybersecurity Insurance: Imagine losing all your data and how much it would cost your business to get up and running again. Once you can put a dollar amount on this catastrophe, you can call your insurance company to add a cybersecurity coverage. Keep in mind, insurance companies will ask various questions before providing you with a proposal. The more security practices you have in place, the higher the chances of them accepting your application and offering you a reasonable premium. We can help!
Incident Response Plan: Having a document that outlines important contacts and your response plan for potential cybersecurity breaches makes a world of difference. There are a lot of critical steps such as preserving evidence, reducing exposure, and documenting the sequence of events. Having a plan ready will help you sleep better and avoid hysteria when a cybersecurity breach happens.
Much like you, I find technology full of magic. It makes so many aspects of my job easier. Even if it’s at a limited capacity, taking a bit of time to understand the inner workings of this magic and improve your cloud security will help ensure you will always be entertained but never fooled.
Wishing you a less cloudy and more secure week,
– Burak Sarac, Team Lead
Recall an Email in Gmail
While proofreading an email is a must, there are always times when you end up missing things. It can be anything from a simple typo to sending it to the wrong recipient. And if you end up clicking the send button, then it’s as good as gone. But is it? With the recall feature, you can now unsend emails in Gmail. Learn more here.
Chips and Dip Day is March 23rd
Chips and Dip Day celebrates a perfect snack, the combination that is irresistible to everyone. Chips and dip can be put together by anyone! It is a quick and easy dish you can whip up for parties or munch on as a snack, and there are so many varieties you’re sure to find an option for any occasion. In fact, here are 50 different recipes to check out!
Convert Google Slides to PowerPoint Seamlessly
Google Slides is used by many professionals and students for creating and sharing slides. While it is possible to recreate your presentation in PowerPoint manually, it can be tedious, especially if you have many slides with complex formatting. But what if we told you that you can convert Google Slides to PowerPoint without losing formatting? This article will show you how.
World Retrospective Day is March 25th
World Retrospective Day was created to highlight the importance of retrospectives as a practice. The term stems from software development but its applicability is more wide-reaching, as various work spaces begin to recognize the need for better team practices and culture-setting. Retrospect is a powerful tool or practice because it can be adapted to suit the work and the team, and because it fosters deeper engagement and self-reflection — on both an individual and collective level. Learn more about retrospectives here.