How Safe is Cloud Digital Asset Management?
Short Answer: Very safe.
Ok, Ok, we understand that the short answer may not satisfy everyone, so here’s the longer answer.
Cloud storage is a relatively new technology, but like most digital technologies, the developments in just a few short years have fundamentally changed the industry. Looking back at the early days of cloud storage (more than 10 years ago), there were legitimate questions about the ability to keep content and data secure in cloud environments. Most organizations preferred to keep their important data on in-house servers. Those in-house or on-premise servers work well and provide lots of controls and speed, but only for your internal team. They also cost a lot to maintain because you need an expert to manage the systems. For many companies and organizations it is simply too expensive and difficult to manage a server system internally.
What makes cloud storage different than these in-house systems is that the data is stored elsewhere. (It’s not actually stored in a cloud!). Instead of having a room full of servers at your office, there are warehouses, called farms, full of servers at other locations. Some larger organizations build and maintain their own cloud systems, but this is incredibly expensive and there are so many companies specialize in cloud storage that companies can buy space from.
Companies providing cloud storage options, such as Amazon and Microsoft, have the resources to build massive systems with the latest technology and cutting edge security, so that smaller companies can get the benefits of billions of dollars of investment.
How is data secured in the cloud?
To keep data safe, cloud service providers offer a number of ways to make sure that data is protected from breach and also protected from other risks, like fire or weather damage.
Encryption
This is a big one. All data is encrypted so that even if it is stolen or breached in some way, no one can access and use the data without the encryption key. It’s similar to needing a password to access something. Without the password, you can’t use it. There are a number of ways to encrypt data, some stronger than others. Image Relay uses the AES-256 algorithm, which can be used for top-secret government information. AES-256 can eventually be broken using supercomputers to test all the potential arrangements of the key, but estimates are that it would take a couple billion years to crack the code. Earlier types of encryption could be broken in minutes or days with powerful enough computers. If your data is encrypted today, no one will be able to access it without the encryption key.
Firewalls
Firewalls place limits on what different accounts can access. So, in the case of an account being compromised, a firewall would prevent that compromised account from accessing data elsewhere in the cloud.
Logs
These keep track of all actions in a system. When something bad happens or there is a suspected attack, logs help determine the source so that appropriate action can be taken.
Intrusion Detection
Cloud providers have advanced systems in place to detect potential attacks and automatically alert administrators and take appropriate system actions. This is a quickly evolving area and cloud providers spends millions developing the most sophisticated and multi-layered intrusion detection systems.
Physical Security
If you’re storing things on a server in your office, the physical security might stop at a single locked door. For places like Amazon’s AWS server locations, think multiple layers of doors, armed guards, security cameras, biometric controls, door codes, keys, keycards. In other words, more secure than your office (unless you work at the NSA or something). We’ve heard stories of data being lost because someone broke in and stole an on-premise server from an office. With the security at places like Amazon AWS locations, the chances of that happening are basically zero.
Redundancy
Redundancy is not just about securing data and making sure nothing gets lost, it’s also about making sure that your data is always accessible. Instead of storing data in one located, it is duplicated across multiple locations. That means if there is a power outage or major disturbance in one place, your data is accessible from another location.
Redundancy is one of the most important differences between cloud storage and storing data in a single location. It is how risks can be minimized, kind of like how a bank can minimize risk of theft.
The same way that your money is probably safer mixed up with other people’s money in a bank vault than it is sitting alone in your dresser drawer, your data may actually be safer in the cloud: It’s got more protection from bad guys.
Image Relay’s use of Amazon AWS guarantees 99.999999999% durability. According to Amazon, that means:
For example, if you store 10,000,000 objects with Amazon S3, you can on average expect to incur a loss of a single object once every 10,000 years.
For cloud digital asset management, a single object lost every 10,000 years isn’t too shabby. So, while cloud digital asset management is safe, an important question to consider when thinking about your digital asset management is: How much security do I need?
What are you trying to do with digital asset management? Lock down your assets or make them accessible and share them?
We think the answer is obvious - you want to share them! That’s the point of digital asset management.
When choosing a digital asset management system, a better question than “who is the most secure?” is “who is the easiest to use?”
Photo by Chris Barbalis on Unsplash