One of the most common concerns our clients have is about Data Security and Privacy in the cloud – and rightly so. We understand that clients may feel some discomfort when private data leaves their premises. However, the analogy we like to use is: Where do you think your valuables would be more secure, in a safe in your house or in a safe deposit box at a reputable bank?
The literature available on Data Security and Privacy is very technical, almost too technical for anyone who is not a technology professional. In this article, we will address some of the concerns our clients have, in plain language, with minimal jargon. Of course, our technically-minded readers are invited to study the literature referenced below or to reach out to our Technology Team.
For the rest of us, concerns with Security and Privacy can be divided into five broad categories:
1. Hardware failure (fire, break-in at data center)
How physically secure is your data center? How well equipped are you in case of a fire or a break-in? What about power loss?
A good cloud service provider must ensure its facilities can handle these contingencies – and much more, such as: redundancy of servers, sophisticated security with very limited access, backup generators, state-of-the-art fire suppression systems, etc.
2. Communication Interception (unsecured communications)
The convenience of accessing data from anywhere comes with a trade-off – the threat of your communication being intercepted between the workstation or mobile device and the server.
The most common solution for this threat is to encrypt the data that is transferred between the workstation and the server. Like most banking institutions, Financial Navigator uses 128-bit encryption, which is the highest standard currently available.
3. Unauthorized access to the server (cyber break-in)
If you think your data is safe just because it is behind a firewall, think again.
Having just a firewall is not enough. The software for a firewall must be constantly updated in order to protect against the latest threats. The same is true for other operating system vulnerabilities. A good cloud service provider does this automatically, thereby ensuring up-to-the-minute protection at all times. In addition, the cloud service provider keeps an audit trail of access to the server.
In addition to the above, Financial Navigator’s Data Management Application requires explicit IP address authentication. This allows connections only from a list of specifically registered IP addresses. In other words, if you are trying to access our Data Management Application from your home, you will need to register your home IP address. A connection from an unknown IP address will automatically be denied access. We also have an audit trail to keep track of all additions and changes to the registered list.
4. Data loss (data corruption)
Do you have a Disaster Recovery location? Do you regularly back up your data? Are you confident that you will be able to continue operating with minimal disruption if your database gets corrupted?
All Financial Navigator databases in the cloud are backed up daily. We keep recent backups on high-availability storage for quick restoration, should the need arise. Monthly backups are kept on a separate storage system, but can be restored in a reasonable timeframe. As a result, you would experience minimal disruption if your database became corrupted for some unforeseen reason.
5. Unauthorized system access in your name (impersonation)
This is where you make the difference!
Financial Navigator software requires your passwords to be alphanumeric with special characters as well as uppercase and lowercase letters. This makes your password difficult to guess or hack. Our Data Management Application doesn’t “remember” passwords, so the system cannot be tricked into working against you.
What we do need is for you to take proper care of your passwords. Never share them, even with your co-workers. Always grant users the minimum permission required for them to perform specific tasks. Have all users change their passwords frequently. Always be vigilant about security around your workstation. Keep the operating system on your workstation updated. Apply security patches for vulnerabilities as soon as they become available. These practices will greatly strengthen your data’s security.
We are committed to providing the best possible security for your data and will continue to enhance our product with the latest technologies as they become available.
For the more technically inclined, additional security details can be found at Amazon Web Services.