Last week, cloud security hit the headlines as a host of celebrities became victims of a major hacking scandal which has cast doubt on the safety of cloud computing systems.

Many individuals and businesses are naturally concerned and are beginning to question how safe the latest form of technology is.

Despite these high-profile cases, it would be foolish to throw the baby out with the bathwater and cloud computing is still one of the most significant advances in IT in recent years and the benefits it brings supersedes any dangers.

In today’s world, the community of people looking to obtain and exploit an individual or business’ sensitive information is becoming increasingly innovative, meaning it is challenging to keep up with every potential risk to your data.

While the general public and celebrities may not be savvy about the potential threats to data, it is imperative that businesses are.

The effects of a security breach could have catastrophic consequences for a business, which is why it is startling that 91 per cent of businesses fail to have an IT strategy in place to combat a disaster.

Data security is paramount to any business that is investing in cloud infrastructure and to the cloud provider itself, whose reputation rests on the protection it can offer its customers.

There are three potential sources of security risk that cloud providers must ensure against: access from those outside of the customer’s business, including hackers; inappropriate access from within the customer’s business; and access to data between different customers of the same cloud.

Cloud encryption systems are becoming a commonplace method to protect data from external attacks.

Information is encoded using a complex algorithm, which can only be decoded using the encryption key. While it is possible for hackers to crack encrypted data, they do not generally have access to the amount of computer processing power they would need to do so.

Businesses using cloud services should always aim to manage encryption keys themselves. These arrangements are sometimes referred to as ‘zero knowledge’ policies by providers: customers are provided with the encryption key by a middle-man service, ensuring the cloud provider has no access to the keys themselves. This ensures no one outside of the organisation has access to the data.

Many cloud customers request multiple levels of authorisation to regulate access to data from within their business. This ensures that only certain individuals can access particular information. For example, a front-line employee may be allowed a limited amount of access, but the head of human resources an extensive amount.

If your business is responsible for highly sensitive information, two factor authentication infrastructure is the most secure way for protecting data. It is essentially the infrastructure that banks have invested in to allow people to access their information online. It requires the person trying to access the information to do something physical, like use a banking identification calculator, and to know something, such as a username and password, meaning the data is very secure. Educating employees to be vigilant towards potential IT threats is also important, such as asking them to regularly update passwords or not to download certain things when on a work computer.

Cloud providers must ensure that different customers cannot access each other’s data. Most cloud providers operate on a multi-tenancy basis, where data from different customers is held side-by-side on the same servers.

This has long been an integral part of secure cloud-based applications, but can leave customers concerned that their data may be visible to other clients.

However, just as a block of flats will house many tenants, but require each to provide their own front door key, access is controlled for each customer with usernames, passwords and data encryption. When a customer logs in to the cloud system, they are not aware of any other customers using it simultaneously and see only their own data.

In an ever more competitive marketplace, it is in cloud companies’ interests to maintain top-level security processes. A reputable provider will make significant ongoing investment in security measures, to ensuring they have the most reliable and advanced data protection systems in place.

Despite even the most robust assurances, there may still be unforeseen circumstances that affect data security. It is vital that you and your cloud provider have contingency plans and recovery procedures that are ready to mobilise should a security failure occur. Investment in using a secure data centre can also help guard against unnecessary downtime and help a business to get back to functioning normally as quickly as possible after an IT or security failure. The consequences of data loss and corporate downtime can have a major financial impact on a business.

Indeed, according to the British Chamber of Commerce, 93 per cent of businesses that suffer data loss for more than 10 days file for bankruptcy within a year. But, equally, if a company survives this, an IT shut-down can affect a company’s reputation and contribute to a loss of customers. To nullify this threat, businesses need to be implementing long-term, robust IT strategies that will not only protect the company’s data but also the company itself.

Unfortunately, cloud security issues are ever-present in today’s technologically-driven world, but as long as a business invests some time and money in developing robust IT strategies, then it will be able to ride out even the most threats. Given the changing nature of workforces and the increase in flexible working, providing access to data wherever an employee is based is a huge benefit. Cloud technology makes this possible, and it is difficult to ignore.