What is your cloud provider doing to protect your company’s data?

Published on
Nov 12, 2024
Written by
Read time
5 min
Category
Articles

With the constant advancements in technology, more and more companies are moving to cloud-based applications daily.  Being on the cloud makes it easier for businesses to access applications across their entire organizations, but also opens them up to ever-increasing cyber security threats.  Hackers are everywhere and attempted security breaches are inevitable.  Even some of the most well-known companies have found themselves subjects of a security breach.  Below are some tips to help protect your company’s data and yourself. These may seem simple or common sense, but some of the biggest data breaches have occurred because an employee was careless and clicked on a link in an email they shouldn’t have…

Here Are 6 Easy Tips to Keep You and Your Business Secure

1) Always use a secure/private internet connection.

  a. Public Wi-Fi networks are not secure, making them a prime target area for hackers.  

2) If you must use a public internet connection, these will help prevent vulnerabilities.

   a. Connect to a Virtual Private Network (VPN).  

       i. VPNs are used to defend against hackers by helping to hide your IP address, browsing activity and personal data. If your company didn’t provide you with one(which they should have), there are several highly rated VPN providers you can find with a quick Google search.  

   b. Always access a URL through HTTPS instead of HTTP.  

       i. HTTPS uses TLS (SSL) to encrypt normal HTTP requests and responses. As a result, HTTPS is far more secure than HTTP.

3) Never leave your devices unlocked or unattended.

4) Install anti-virus software that is setup to run automatically on a weekly or bi-weekly basis.

5) Beware of suspicious email links or websites.

   a. Malware (malicious software) can be disguised as an email from a friend or a useful website.

      i. Make sure to review the full email address of who it is from.  At first glance it may look legitimate, but often there will be an extra letter or character in the email address, indicating this isn’t actually from Sue in Accounting, but rather a phishing scam or imbedded malware.

     ii. Always review the full URL address of the website (without clicking the link).

6) Use a strong password that is not the same for any other devices and don’t keep this password with your computer or mobile device on a post-it note or easily accessible in a word document titled “my passwords”.  

   a. A password manager application on your computer and/or mobile device ensures your passwords are stored in an encrypted database.

   b. It is also important to pay attention to the password requirements when signing up for an online service.  If the company uses weak password requirements, there’s a good chance they don’t take cyber security seriously as a whole.  

-------------------------------------------------------------------------------------------------------------------------------------------

These were just a few tips to keep your company and you safe when accessing cloud applications, but what is your current cloud provider doing to keep your company’s valuable data safe?  How do they handle cloud compliance?

CereTax employs multiple regional data centers with multiple availability zones within each region. Your data replicates between the regions in near real-time, so your data is constantly backed-up if there was ever an outage.

When evaluating a new cloud provider, it is crucial to understand what security protocols they have in place.  You should also continuously evaluate how your current provider is adapting its security measures to account for the“newest” threats.  

CereTax utilizes enterprise-grade best practices to protect our customers’ data.

Continuous Security Control Monitoring

CereTax uses an automation platform to continuously monitor 100+ security controls across the organization. Automatedalerts and evidence collection allows CereTax to confidently prove its security and compliance posture any day of the year, while fostering a security-first mindset and culture of compliance across the organization.

Employee Trainings

Security is a company-wide endeavor and requires the utmost diligence from everyone. All employees should complete an annual security training program and employ best practices when handling customer data.

Penetration Tests

CereTax works with industry leading security firms to perform annual network and application layer penetration tests.

Secure Software Development

CereTax utilizes a variety of manual and automatic data security and vulnerability checks throughout the software development lifecycle.

Data Encryption

Data is encrypted both in-transit using TLS and at rest.

Vulnerability Disclosure Program

If you believe you’ve discovered a bug in CereTax’s security, please get in touch by emailing support@ceretax.com. Our security team promptly investigates all reported issues.

Does your current provider take security as seriously as CereTax does?  Maybe you need to find out…