Information security an ongoing and participatory process

Let's face it: information security is little more than a wish or goal. If you believe that an application, data storage or infrastructure is completely secure, then we need to talk about the idea of ​​continuity and accountability.

Security goes beyond the structure provided by cloud computing , and needs to be considered a continuous work process and responsibility shared by all who are part of an organization .

Real examples, with financial impacts and on the image of large companies

The year is 2014 and the giant Sony had approximately 1.5 terabytes of stolen data, in other words, unpublished episodes of the Game of Thrones series and other relevant information leaked. How does a leak of this proportion happen and nothing is noticed?

Yahoo had one billion user accounts hacked in 2013 and in June 2017, government websites in four states, New York, Maryland, Ohio and Washington, were hacked, anti-American messages were displayed.

In all cases, what we have in common are the financial and image impacts on companies and institutions that are aware of the importance of information security in their commercial strategies and, therefore, make large investments in cutting-edge technology, regardless of whether it is in the cloud. or not .

So the question that arises is how public organizations and private companies suffer from security incidents in this proportion, even being aware of the subject and investing so much?

Read too:

Is the cloud migration process safe?

Information security is a challenge, not a rocket ship

The great challenge of information security for companies, regardless of their size or sector, does not depend only on the available infrastructure or the adopted authentication processes to become sufficient. All it takes is one click on an innocent email message by a well-meaning employee to bypass years of effort and millions of dollars invested.

Like Amazon, investments in network assets, software , certifications and compliance are a priority and are offered to all its customers, of different sizes, sectors or countries. Cloud computing does its part and does not treat information security as a seven-headed animal and therefore incorporates the challenge as a continuous and shared process.

This sharing occurs due to the need for everyone to do their part , in addition to all the necessary infrastructure to guarantee security, it is necessary that companies and their employees respect the policies and processes created to reduce the risk of security incidents.

In addition to preventing, it is necessary to know how to deal with situations such as those described at the beginning of the article. Knowing how to recognize occurrences is part of the continuous improvement process and demonstrates that companies are concerned with information security and do not measure efforts to ensure it continuously.

Learn more about information security in the cloud through our blog and social networks. your doubts with Sky.One specialists and guarantee the data and information of your customers and your company.

#informationsecurity #cloudsecurity #AWS

Read too:

Cyber ​​risks: what they are and how to protect your business