So you're having concerns about the security of the Cloud? I understand. The news is full of stories of security breaches, hacking, and identity theft. Scary stuff!

A lot of internet security is based on common sense. Use long unique passwords, don't share confidential info with people you don't know,  and definitely don't open emails from people you don't know or that look suspicious. Following some basic steps can go a long way to protecting yourself.

Still, putting more and more of your sensitive data into the Cloud can make you a little uneasy. 

According to market intelligence firm iHS iSuppli usage of free and paid Cloud service is going no where but up. Usage is slated to hit 1.2 billion users by 2017. I think it's safe to say the Cloud is here to stay. With so many users storing data in the Cloud you can be sure companies will be spending more money to ensure the security of their customer's data.

Three companies we work with go to great lengths to protect your data: Salesforce, Google, and Xero. Below you will find an overview of the just some of the security protocols they have put in place to give you peace-of-mind.

Google:

• Onsite 24-hr security at all server facilities
• Heat sensitive cameras
• Biometic scanning
• All data is encrypted while it sits on the server and when it is in-transit
• Offers enterprise-grade security and compliance, including a SSAE 16 / ISAE 3402 Type II, SOC 2-audit, ISO 27001 certification, adherence to the Safe Harbor Privacy Principles, and can support industry-specific requirements like HIPAA
• Routine security audits
• Redundant security monitoring from internal teams at Google and 3rd party companies

The kings of data don't mess around. I wouldn't doubt it if the U.S. Gov't asks Google for help to secure their servers. You can read more about their security on their site. They even have a very thorough white paper on their security measures.

Salesforce:

• 24-hour manned security at all server facilities
• Biometric scanning for access to data center rooms
• Full video surveillance
• Connection via SSL 3.0/TLS 1.0, with certificates from Verisign ensuring secure connections for all users
• Each user session is identified and re-verified with each transaction with a unique token created at login
• Internal firewalls segregate traffic between the application and database tiers
• Conduct regular third-party audits for vulnerabilities

The list goes on and on, but I think it's safe to say they take your security seriously! For a full list of security measures you can visit their site.

Xero:

• Data stored in tier-4 enterprise grade hosting facilities
• Biometric scanning
• 24/7 Onsite security guards
• Mandatory strong password requirements
• SSL Certificates signed by global leaders in certificate security (Entrust & GTE Cybertrust)
• All data is encrypted in transit
• Multi-layer firewalls and intrusion protection
• Routine 3rd party audits and inspections

Xero may be new to the game but they're not messing around with your data and are taking many of the same precautions as Salesforce and Google, two companies who have been in the Cloud game much longer. Full details on their security is listed on their site

Still don't think your data is safe?

Do you have 24/7 security guards at your office and NSA grade network security? Didn't think so. In my opinion your data is likely safer in the cloud then on your PC.

Now if you're still a little unsure. You can buy even more security. I Didn't think that was even possible. But it is.

There are a number of third-party add-on services you can buy if you desire that extra boost of security. 

One vendor in particular, CloudLock is making waves in the Cloud security world for both Salesforce and Google Apps (Nothing yet for Xero). In fact CloudLock has just been named by Google as one of the first Google Apps Premier Technology Partners. Needless to say, these folks are legit.

Some of the things they help with are:

• Data Discovery
• Selective Encryption
• Audit Readiness
• Regulatory Compliance
• Third-Party App Managment

Packages for Salesforce are $12/user/month. A bundled package for Google Apps is a mere $2/user/month. So not a big price to pay for more peace-of-mind. 

But do you really need it?

That depends on you. Does your business have certain restrictions? or Security demands? Are you a bit more risk adverse? Odds are you don't need it, but if you want it, go for it.  

Whatever you do, and whichever Cloud service you choose make sure to review their security plan before you sign-up.