‘The cloud’- we’ve all heard of it and we’ve probably all used it, often without giving it a second thought. The term ‘cloud software’ conjures up the image of your data floating above your head, ready to be plucked from the air as you need it…The reality is a little different. It is actual physical data storage, and that storage does involve hardware systems and their inherent security risks. Therefore it is vitally important to understand the different ‘cloud data security’ options available to you and what choice is the most appropriate in order to keep your business safe, minimizing the risk to your data.
Many software programs now run purely on the cloud, and the data within these programs is also stored on the cloud, allowing easy access to the program wherever you have internet access. However, it is important to be mindful that this convenience does come at the expense of your data security. In our industry, the level of care required to ensure your guest and owner data is secure is not only a moral requirement, but also a legislative one. This said, it is important to be aware that all is not equal when it comes to cloud data security and storage, and it is vital that you understand the inherent differences between your options.
When looking at cloud options, the one that most readily comes to mind is the public cloud. These are low-cost storage systems owned by an outsourced cloud provider, the likes of Microsoft Azure, IBM cloud or Google Cloud. Within a public cloud environment you share hardware, storage and network devices with other ‘tenants’ and access your account and services using a traditional web browser.
Public Cloud systems are easily scalable as additional storage is required, have no geographic barriers, and are available on any device with access to the internet. Maintenance and development of the infrastructure is up to the cloud provider, and is very much a one-size fits all approach. They are ideal for smaller to medium sized businesses looking for lower cost solutions, but by their very nature, they are generally the least secure solution for sensitive data.
Think of it like a bank…Customers deposit their money, which is all held in the same vault. If someone manages to break into the vault, they have access to everyone’s money. Now substitute money for data, and you get the picture.
By comparison, the private cloud is a storage system that is exclusive to the associated organisation. It is a dedicated secure environment that cannot be accessed by others. It may be located on premise or via a 3rd party vendor off site.
Private cloud data security is customizable based on the business needs, and organisations can configure and run protocols to ensure compliance to stringent regulations. It remains scalable and efficient without compromising security, mobility or performance. Maintenance and development are controlled by the organisation and hence is flexible and customizable.
Now, to get access to your ‘money’, the would-be thief must not only break into the bank’s vault, but also into your personal safety deposit box inside that vault. Access to one does not mean access to all.
In our industry, security and privacy of both owner and guest data is highly regulated. Potential breaches of these regulations are the responsibility of the accommodation business provider, not the cloud storage provider, and the punishment for breaches can be very costly.
The private cloud is recommended for any such highly regulated industries. Interestingly, and perhaps tellingly, Government agencies and financial institutions use private cloud, mitigating risking their sensitive data to the public platform.
It is important to remember, in the quest for convenience, that you don’t sacrifice security. Private cloud options can provide the happy medium between ease of access and the data security you and your business deserve.
Comments are closed.