There has been a gradual move to the cloud in recent year which has its pluses and its minuses. The near universal availability of files across devices is a major advantage, but security has also become an issue. It’s an issue for the average home users, but it is even more of a headache for businesses.
IT administrators have an important role to play within companies, but they can also pose a security risk. Having permission levels set too high can have terrible repercussions. There is the scope for mistakes to be made — human error will creep in from time to time — but there is also the potential security problem of an administrator workstation being left unattended and subsequently used by an unauthorized person.
With data stored in the cloud, there are obvious concerns that files and information could fall into the wrong hands. In a post on the Office blog, Microsoft is keen to point out that steps have been taken to ensure that these issue do not arise.
Director of Program Management, Vivek Sharma explains how a ‘two key’ approach has been used to ensure that permission levels are only raised when necessary, and it is only done with the knowledge and consent of others. He explains that when dealing with an incident, a user is able to request elevated privileges, and this request must be granted by at least one other person involved in the same service.
“If the service is working properly, nobody has access your data. There is literally zero standing access for human beings to your data if it’s sitting in our cloud,” says Corporate Vice President of Development, Perry Clarke.
This is all part of the ‘roles based access’ approach that Microsoft has adopted with its Lock Box environment, and it’s reiterated by Sharma when he says “it’s impossible for one person to go do something serious”. Logging of access and permission changes helps to reduce the risk of two or more people working in conjunction with each other to access unauthorized data or to perform unauthorized actions.
Check out the video below:
Does storing information in the cloud concern you, or do you not give it a second thought?