As a technology integrator, people often ask me if cloud computing is any less secure then the security provided on their internal networks and systems. My answer to that question is: “typically not”. In fact, utilizing a cloud computing solution can help you as an individual user and your organization provide a more secure and easily accessible environment.
In visits to client sites I’ve found regular problems when reviewing existing networks. Some of these elements are easily fixable, such as passwords security. A few examples of weak security are things like passwords being set to never expire, allowing for non-complex passwords such as “password” or “12345” or, believe it or not, requiring no password at all. These types of passwords are usually the first means of attack a hacker would try to use to access any network system. However, when people retrieve online banking information, credit card statements, cell phone accounts, etc., password strength is strictly enforced by these institutions to minimize a hacker’s ability to access an individual computer or network. According to Microsoft’s Safety & Security Center, the primary elements to a strong password are Length and Complexity. In addition to that, we also recommend setting automated policies to force users to change passwords every 90 or 180 days. The same policies hold true whether you’re accessing a local network or using cloud computing technology solutions such as hosted email, fundraising systems or case management systems.
A reputable cloud-based solution would help enforce best-practices for computer security. Some of these best-practices are things like strong passwords, which comprise of a combination of eight alpha-numeric characters or more, including an upper case letter, number and or punctuation/symbol. A secure policy would also force its users to change their password on an automated schedule of every 90, 120 or 180 days, also preventing them from using the same password as the previous four times. In addition, it is common for many cloud-based offerings to provide options for auditing user access, password changes, access rights changes and other object access or changes, allowing IT departments and providers the ability to better manage security for their sites.
How many of you are now trying to figure out how to change your local systems passwords…….