Is backing up my DATA to the cloud safe?
Many of our clients ask the question “Is backing up to the cloud safe?”. In this article we will go over the risks involved in backing up your data to the cloud and true personal experiences that we’ve encountered involving cloud security.
A few years ago we had received a call from a cloud solution provider involving a failed RAID array that was being used to store client databases. They were in the midst of many incoming lawsuits and had only one chance…GET THEIR DATA BACK! So they had researched each company that advertises data recovery throughout the city obsessively. When they called us, I was put on speaker in a board meeting. They had explained the situation and I explained to them that is our specialty and to power the system down and do nothing further to it. They had then proceeded to ask me if I could provide some references, which I responded “Go to our site and choose some testimonials and I’ll contact them for a reference.” They said they would look into it and get back to me. In roughly three minutes they called back and the job was ours. We had successfully recovered their data and saved the lawsuits but ever since then I didn’t really have much faith in cloud security and reliability.
Present day: Monday Aug. 26, 2019 I receive a phone call from a previous client who is a dentist that I had recovered data from in the past. He was in a panic! “Don, I may need your services again, you won’t believe what happened!” We have been using PerCSoft which is a cloud based database for dentists and they had downloaded ransomware and encrypted over 500 dentists companies that use them! I tried calming him down and replied “There isn’t much you can do right now, they are insured through the dental association and you must wait until they pay the ransom and hopefully get the decryption key.” He replied with much anxiety “I know but it’s my business!” All I could do from that point forward was feel for him and all the other dental practices that are now down from using this cloud dental system that just infected by the ransomware that hit PerCSoft. A Facebook group has indicated the ransomware that attacked PerCSoft is an extremely advanced and fairly recent strain known variously as REvil and Sodinokibi.
Apparently they had no choice but to pay the ransom and have been working with a third party trying to decrypt the 500 companies infected. Who knows how much that data was worth?
I always tell my clients that the cloud is fine for pictures and non confidential data but I personally wouldn’t trust it with my business or any confidential data like HIPAA, financial information, or client data. It could be stored on a server in another country for all that you know. They use hard drives that if not monitored properly will eventually fail in time. I’ve experienced more evidence than I need to know what “could” and “has” happened to cloud service providers.