The question “how secure is cloud accounting?” is one that is raised by almost everybody making their first move to using the cloud. The term “cloud accounting” is the use of online accounting software where your data and software are stored on a server which is accessed via the internet. This is “the new way of working” compared to the traditional method of software delivery where the software and data are stored on your computer or server hard drive.
Your data on someone else’s computer
Cloud accounting security is at the top of most cloud users’ minds. As cloud accounting allows you to access your data at any time, in any place from any device it is very attractive and brings numerous other benefits. But what about security?
The simple fact is that with cloud accounting your confidential and personal data, including for example your customer list, your bank balance and accounting information is being stored on someone else’s computer.
How secure is the cloud?
Charles Kavazy, Director of IT Services at Hawsons says: “It depends. Of course that’s not a very helpful answer, but much depends on many factors including your attitude to risk, the nature of your data and the strength of the security including the processes carried out by the company hosting your data. Some people argue that storing your data on the cloud can be more secure than storing it on your desktop or an on-site server. The level of physical and electronic security that cloud service providers offer may be higher, depending on the risk involved, and the duplicated continuous backup processes of cloud providers are probably going to be better than most businesses would implement.”
Wherever you store your data, there are always security issues, as Charles adds: “Most cloud computing providers take great measures to ensure your data is safe, including backup power supplies, firewalls, data encryption software and regular, third-party security audits. They can also protect your data against floods and fires by having multiple servers in different locations.”
Charles summarises: “The cloud service providers take great care to protect your data, but ultimately each business needs to consider its attitude to risk, the data being stored and the implications of a security breach. If you decide the benefits of the cloud outweigh the risks and you are happy to accept the risk then you need to ensure you choose your cloud provider carefully and implement robust procedures to mitigate the risk of problems. For example, controlling access rights, regular password changes and training your staff on security risks.”
Research before choosing a cloud service provider
It is important to research the various cloud service providers to ensure that the one you choose has the necessary controls in place to protect your data.
Some questions to think about include:
- What 3rd party security audits and penetration tests are carried out, and how regularly?
- What security certifications, code of practice or quality standards does the company adhere to?
- What encryption software do they use to safeguard your data?
- What security measures do they undertake?
- Can they secure against a fire or flood, for example, at one of the servers?
- Which country is the data physically stored or backed up in? (Generally, within the EEC is acceptable.)
- How often do they back up their servers?
For more information, please contact your local specialist or visit our cloud accounting page.