Implementing data management protocols should be considered a matter of necessity for any business within the nuclear sector, particularly when looking to use cloud technology, as extra vigilance is required. But why is it so important and how do we implement it correctly?
In this recent article from Nuclear Connect Magazine Michael Douglass, Director at Yellowbus Solutions Ltd, discusses the safety of using ‘cloud technology’ and guides us through some best practice methods for companies to keep their data secure.
How does ‘cloud technology’ work for the Nuclear Industry?
A cloud network is a collection of remote servers hosted on the internet to record, store and manage data, as opposed to holding data on local servers. In today’s increasingly mobile world, cloud networks have become progressively popular, offering instant access to data from locations all around the world.
What benefits are there to hosting your data in the ‘Cloud’?
Cloud technology offers a number of benefits, but mainly, it provides authorised personnel access to data anywhere and anytime, offering flexibility, increased collaboration and improved monitoring. Implementing centralised encryption and backups translates to better security, data loss prevention and easier disaster recovery which can be extremely beneficial throughout the data lifecycle.
What are the risks of a cloud network and is it secure?
Implementing the right security protocols and controlling who has access to data means that using a cloud infrastructure can be very safe, however, as cloud network access proliferates throughout the industry, the degree of risk also increases. This can include insider threat, cyber-attacks, and data tampering from competitors and the media. Therefore, it is important that data is managed with a set of security policies that will protect legal records and sensitive data from these risks.
What protocol should I follow to ensure data is secure?
For best practice, you should abide by these 6 ways to safeguard your cloud network as a minimum;
- Know where your data is – With so many cloud technologies and hosting providers, do you really know where your data is kept? Ensure you do thorough research into the provider, their security levels, and exactly where your data and backups will reside. This will allow for compliance if your company or clients require data to remain somewhere specific, such as only within the UK or Europe.
- Encrypt your data – This will limit traceability as the data will be recoded into another form which can only be understood by authorised parties. By encrypting the Cloud platform used, sensitive emails, hard-drives, and all removable data, you will have peace of mind should there be any disruption.
- Implement password policies – On average, a basic 9 character password will take just 7 milliseconds to crack, but by simply adding a capital letter and a special character, you can increase this to 14 years. Although hackers are continuously getting smarter, you can stay one step ahead by regularly updating all your passwords and always incorporating a range of characters.
- Regulate social engineering - Occasionally, staff are the easiest way into a network due to careless actions such as opening unfamiliar links in emails, giving details over the phone and leaving written documentation in unsecure places. This naivety can be addressed by putting a staff policy in place that will educate your employees on how to reduce risk and avoid security breaches.
- User Training – Ensure current and new employees are fully aware and trained on security issues and how to avoid potential breaches. This should include best practice methods such as not posting information on social media and regularly updating individual passwords.
- Personal device protection – Often, companies operate on a ‘bring your own device’ (BYOD) system and therefore it is vital these devices are protected when they are linked to your network. This should include password and anti-virus protection as a minimum and should enable remote tracking and system wiping to reduce risk if the device becomes lost or stolen.
The bottom line is that the fast growing nuclear sector requires the very best in data management. Although there will always be risk, with managed IT services, security and support, this can be prevented. It is highly recommended that you complete regular audits to confirm the protection and whereabouts of your data. As highly reputable suppliers to the nuclear industry and specialists in data management, the team at Yellowbus Solutions Ltd are able to answer any of your questions on this topic. You can contact Michael Douglass directly and in confidence on 01925 838386 or by email to michael.douglass@yellowbus.uk
For further information about Yellowbus Solutions Ltd, and their services within the nuclear sector, please visit www.yellowbus.uk/nuclear