One of the primary reasons organizations and individuals adopt cloud applications is to take local devices—PCs, tablets and smartphones—out of the security equation. Unfortunately, life is not quite that simple. Adopting software-as-a-service applications can reduce the impact of local device corruption, but it does not eliminate the risks that your computer or mobile device can pose to your cloud data.
The first and most obvious example of a local security breach affecting your cloud data is a keylogger trojan, a form of malware that covertly records every keystroke you enter on your device and transmits those records to a malicious third party. Anyone reviewing your keystroke logs can learn your usernames and passwords to all your cloud services, to say nothing of credit card numbers or personal details that can be used to commit identity theft. A compromised device can offer a hacker the keys to your cloud kingdom, with you none the wiser until it is too late.
Moreover, the separation between cloud data and local data is not as absolute as it first appears. File-syncing programs like Dropbox, Box, or Google Drive connect to a folder on your local device and replicate its contents to the cloud, which in turn replicates those contents back down to any other device where you maintain an equivalent file-sync account. As such, corruption of the local copy of the data in your file-sync folder could be copied to the cloud and, from there, everywhere.
Worse still, ransomware—malware that encrypts data on your local device and will decrypt it only for some extorted sum—is ideally suited to prey upon file-sync systems. Look no further than the CryptoLocker outbreak in 2014 for a prime example of ransomware attacking cloud-based file-syncing services.
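As an added illustration (not part of the original article), the sketch below shows one defensive check for the sync problem described above: compare a sync folder against its last known-good snapshot and hold replication when most files have vanished or been rewritten as high-entropy data. The function names and both thresholds are assumptions chosen for the example, and the sample files are constructed in a temporary directory.

```python
import hashlib, math, os, tempfile
from collections import Counter
from pathlib import Path

ENTROPY_LIMIT = 7.5  # bits/byte; assumed cutoff, encrypted data sits near 8.0
CHANGE_LIMIT = 0.5   # assumed: hold sync if over half the known files look rewritten

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def snapshot(folder: Path) -> dict:
    """Map relative path -> (sha256 hex, entropy) for every file under folder."""
    out = {}
    for p in sorted(folder.rglob("*")):
        if p.is_file():
            data = p.read_bytes()
            out[str(p.relative_to(folder))] = (hashlib.sha256(data).hexdigest(), entropy(data))
    return out

def should_pause_sync(before: dict, after: dict) -> bool:
    """True when too many known files vanished or changed into high-entropy data."""
    if not before:
        return False
    suspicious = 0
    for path, (old_hash, _) in before.items():
        new = after.get(path)
        if new is None:  # deleted or renamed, e.g. given a new extension
            suspicious += 1
        elif new[0] != old_hash and new[1] > ENTROPY_LIMIT:
            suspicious += 1
    return suspicious / len(before) > CHANGE_LIMIT

def demo() -> tuple:
    """Constructed sample: ten text files, one ordinary edit, then a mass rewrite."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        for i in range(10):
            (root / f"doc{i}.txt").write_text(f"quarterly notes {i}\n" * 200)
        base = snapshot(root)
        (root / "doc0.txt").write_text("edited by the user\n" * 200)
        normal = should_pause_sync(base, snapshot(root))
        for i in range(1, 9):  # random bytes stand in for encrypted content
            (root / f"doc{i}.txt").write_bytes(os.urandom(4096))
        return normal, should_pause_sync(base, snapshot(root))
```

An ordinary edit leaves the check quiet, while the mass rewrite trips it before the damaged copies would be replicated; compressed formats such as ZIP or JPEG are also high-entropy, so a real deployment would tune the thresholds per folder.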
Below, we outline three basic tactics for preventing and mitigating the effects of local device corruption on your cloud data.
The old tricks are often still the best ones; every computer or mobile device needs some form of anti-malware application running at all times. Anti-malware programs—formerly known as antivirus programs—can inoculate your local devices against the most common, and most of the more dangerous, forms of malicious software in the wild. A professional-grade anti-malware suite protects against conventional viruses designed to damage your data, as well as spyware programs designed to steal information from your system. Anti-malware is your first line of defense against local device corruption.
Timely Software Updates
To further the inoculation analogy, vaccines are only effective if kept current, and anti-malware systems are only useful if their databases are properly maintained. Anti-malware works by comparing all incoming data to a list of digital signatures known to correlate with documented examples of malware. New types of malicious software are developed every minute, so it behooves you to keep your anti-malware suite up to date.
That said, anti-malware systems can only screen for known viruses, spyware programs and the like. All malware takes advantage of vulnerabilities in software, using techniques known as exploits, but every form of malware leverages these vulnerabilities in slightly different ways. Thus, an even better defense against malware is to keep your core software up to date, particularly your operating system. These updates close the vulnerabilities that malware uses to prey on your local devices, stopping a whole range of viruses, worms and trojans before your anti-malware even needs to worry about them. Keeping all your software up to date—not just your anti-malware suite—is your best defense against local device corruption.
Unfortunately, no amount of vigilant software maintenance can keep your local device completely safe from corruption by malware. Zero-day exploits target vulnerabilities that are so new that software developers either aren't aware of them or haven't yet determined how to correct them. Hackers can discover and use zero-day exploits to invade and corrupt your local systems before any software-based defense can be mustered. Zero-day exploits are both so powerful and so common that an entire black market has emerged around their development and sale.
The only real defense for your cloud data against a zero-day exploit is cloud-to-cloud backup.
A backup represents an independent, third-party copy of your cloud data that is not and cannot be accessed in the same manner as your frontline, in-production software. That means it’s safely removed from any zero-day exploits applied to your local software on your local device. A backup can restore the data that a zero-day exploit makes it impossible to defend.
Cloud-to-cloud backup means that all the same reasons you entrusted your primary data to the cloud—hardware redundancy, ease of access, centralized management—now also benefit your backup and recovery solutions. Cloud-to-cloud backup is the third and most vital aspect of any plan to defend your SaaS data from local device corruption.
Put more simply, a combination of anti-malware, vigilant software updates and cloud-to-cloud backup is the most incorruptible design for a SaaS backup and recovery plan.