Skip to content
11:11 Systems
Rethink Connected
11:11 Systems11:11 Systems
  • Why 11:11
    • Submenu
      • Column 1
        • Cloud Console
          Cloud Console
          Compliance
          Compliance

      • Column 2
        • Global Regions
          Cloud Regions
          Catalyst
          Planning and Assessment

      • WHY CHOOSE 11:11
      • Overview
      • Leadership
      • News & Media
      •  
      • Careers
      • Technology Partners
      • Customer Stories
  • Products & Services
    • Products & Services
      • CLOUD
      • Cloud Overview
      • Public Cloud
      • Private Cloud
      • Object Storage
      • Cloud Labs
      • Colocation/Bare-Metal
      • BACKUP
      • Backup Overview
      • Veeam Backup
      • Microsoft 365 Backup
      • Managed Backup for Cohesity
      • DISASTER RECOVERY
      • DRaaS Overview
      • DRaaS for Veeam
      • DRaaS for Zerto
      • DRaaS for Azure
      • Autopilot
      • SECURITY
      • Security Overview
      • Continuous Risk Scanning
      • Managed SIEM
      • Managed EDR
      • Managed Firewall
      • CONNECTIVITY
      • Connectivity Overview
      • SD-WAN
      • Multi-Cloud Connect
      • Managed IP
  • Solutions
    • Solutions Submenu
      • INDUSTRY
      • Education
      • Financial
      • Government
      • Healthcare
  • Partners
    • Partners Submenu
      • Overview
      • Become a Partner
      • Partner Portals
  • Resources
    • Resources Submenu
      • Events
      • Webinars
      • News & Media
      • White Papers
      • Podcast
      • Data Sheets
      • Customer Stories
      • Innovation Blog
  • Support
    • Support Submenu
      • Contact Support
      • Product Documentation
      • API Documentation
Search:
  • Console Login
  • Contact
Header Right Menu
Free Trial
  • Why 11:11
    • Cloud Console
    • Compliance
    • Cloud Regions
    • Planning and Assessment
    • WHY CHOOSE 11:11
    • Overview
    • Leadership
    • News & Media
    • Careers
    • Technology Partners
    • Customer Stories
    • Blog
  • Products & Services
    • CLOUD
    • Cloud Overview
    • Public Cloud
    • Private Cloud
    • Object Storage
    • Cloud Labs
    • Colocation/Bare-Metal
    • BACKUP
    • Backup Overview
    • Veeam Backup
    • Microsoft 365 Backup
    • Managed Backup for Cohesity
    • DISASTER RECOVERY
    • DRaaS Overview
    • DRaaS for Veeam
    • DRaaS for Zerto
    • DRaaS for Azure
    • Autopilot
    • SECURITY
    • Security Overview
    • Continuous Risk Scanning
    • Managed SIEM
    • Managed EDR
    • Managed Firewall
    • CLOUD CONNECTIVITY
    • Connectivity Overview
    • SD-WAN
    • Multi Cloud Connect
    • Managed IP
  • Solutions
    • INDUSTRY
    • Education
    • Financial
    • Government
    • Healthcare
    • Column 2
  • Partners
    • Overview
    • Become a Partner
    • Partner Portals
  • Resources
    • Events
    • Webinars
    • News & Media
    • Whitepapers
    • Podcast
    • Datasheets
    • Customer Stories
    • Innovation Blog
  • Support
    • Contact Support
    • Success Center
    • API Documentation
  • Contact
  • Console Login
  • Free Trial
Author: Brian Knudtson
Date: February 21, 2019

Configuring the Cloud for Proper Object Store Security

As of January 2022, iland is now 11:11 Systems, a managed infrastructure solutions provider at the forefront of cloud, connectivity, and security. As a legacy iland.com blog post, this article likely contains information that is no longer relevant. For the most up-to-date product information and resources, or if you have further questions, please refer to the 11:11 Systems Success Center or contact us directly.

 
Data is the lifeblood of modern businesses and, consequently, the protection of data is critical. Protection from loss isn’t the only protection data needs these days. The theft and leakage of data can cause massive damage to a company and its customers, and has unfortunately become all too common. With so many reports of data leaked from cloud object stores, 11:11 wanted to help our customers manage these risks when we launched the 11:11 Cloud Object Storage product.

Is Cloud Storage Failing Data Security?

Cloud-based object storage has the ability to scale larger than block or file-based systems for unstructured data, which makes it ideal for many different use cases. Corporate file sync and share services, document management systems, IoT device data repositories, big data analytics and video file storage are all common use cases for public cloud hosted object storage. Data protection vendors like Veeam are also introducing the ability to tier backups into object storage to help reduce the reliance on tape and the costs of long-term retention and to provide limitless capacity with minimal effort.

When reviewing the numerous leaks of this type of data from cloud object stores, it becomes obvious that most aren’t due to poor security on the cloud vendor’s part. Most are actually due to misconfiguration on the part of the customers, commonly because the “buckets” were configured as public instead of private. This is equivalent to building a house and not installing locks on any of the doors or windows.

When utilizing any public cloud technologies, businesses are agreeing to a shared responsibility model for their data. While it varies from provider to provider and technology to technology, the common result is that the cloud provider is responsible for the uptime and security of the infrastructure and the customer has some level of responsibility for configuring the proper security to protect their data.

While all of these reports should cause concern to anyone storing data in the cloud, it shouldn’t prevent the use of cloud storage when it can be properly secured. In fact, even data stored internally needs to be protected appropriately, so no matter where the data resides, proper precautions are key.

Proper Security for Object Storage in the Cloud

Similar to securing data within a private data center, protecting data in the cloud requires several layers of protection. With object storage, ensuring everything is set to private is the first and most important step. Businesses should always follow the same strict policies for users, passwords, groups and permissions in the cloud as in their own data centers.

One of the great advantages of using a cloud-based object store is sharing files with external entities. When these third parties would normally not have access to the rest of the object store, many object stores provide the ability to generate a time-limited URL to access a given file. This prevents administrators having to modify permissions every time a single file needs to shared and reduces the chances that additional data will be exposed. When IT can provide a solution that is both functional and easy to use for end users, the use of shadow IT will be greatly reduced and lead to overall better control of company data.

Encryption of data is another important element to protecting critical data. Many businesses today need to ensure data is encrypted at rest in order to protect it at a physical layer and ensure regulation compliance. Ensuring the data is encrypted while being transported to and from the cloud provider is key as well. Many cloud providers offer these capabilities as either a default configuration or as configurable features. But, encrypting at rest and in flight doesn’t provide data security if the objects are accessed through an unlocked front door. To protect this data from accidental exposure via a misconfiguration or stolen credentials, files should be encrypted prior to uploading them to the object store.

Of course, as with any security configuration, it should be reviewed regularly to ensure any configuration drift hasn’t inadvertently exposed sensitive data. Depending on the cloud provider and the level of shared responsibility, this may be entirely self-service for the customer or could require interaction with the provider’s support staff.

Making Data Security Easy with 11:11

With a security-first approach to cloud infrastructure, 11:11 has gone further than most cloud providers to help customers keep their data out of the wrong hands. All “buckets” are created private by default. All objects are stored on encrypted storage and are only available via HTTPS. Customers manage their object storage through the 11:11 Cloud Console, which has been designed to be as simple as possible, so configuration of the environment is less prone to error due to confusion. The console also provides access to robust reporting that helps customers understand their security vulnerabilities and compliance to common regulations.

With a global reach in multiple regions, 11:11 is also well positioned to ensure data remains in the right physical location to comply with data sovereignty regulations. The console makes this easy as well, by allowing customers to manage their infrastructure across multiple 11:11 data centers within the same interface using global credentials.

On top of all this, 11:11 customers have easy access to our internal compliance, cloud services and cloud support teams. Anytime they have questions or concerns, they can call these teams to ensure their environment is configured correctly and to help with reporting for audits. They receive highly attentive assistance to ensure successful on-boarding from both project managers and certified engineers. Our highly experienced support engineers are only an email or phone call away, and are available to customers for everything from a critical outage to advice on setting up their environment.

Keeping data secure is critical for every business, regardless if the data is in the same building on infrastructure completely managed by the business or in a public cloud. Internal and external forces are equally likely to affect data in both cases. Despite all of the bad press, it is very possible to make data in a cloud-based object store every bit as secure as data on-premises, especially when utilizing a public cloud provider that makes security a top priority.

To find out more about 11:11 Cloud Object Store, visit our website. Or, if you want to talk to one of our experts, contact us here.

Categories: Cloud Backup, Security, VeeamBy Brian KnudtsonFebruary 21, 2019

Author: Brian Knudtson

In his 20-year career, Brian has experienced many different perspectives of the IT industry. He has worked as a value-added reseller, vendor and service provider in roles in web development, system administration, post-sales deployment, pre-sales architecting, public cloud design and technical marketing. Currently, Brian is the Director of Cloud Market Intelligence at 11:11. He enjoys spending time with his wife and three kids. He is also heavily involved with the Destination Imagination program and has been a long-time member of the VMware community, notably starting the Omaha VMUG and putting on VMunderground at VMworld. You can find him online occasionally blogging at http://knudt.net/vblog and tweeting at @bknudtson.

Post navigation

PreviousPrevious post:Tidy-up Your Production Storage with Veeam Capacity TierNextNext post:The Importance of Protecting Office 365 Data

Related Posts

Protecting Microsoft Teams Channel Chat Data: Are You Prepared?
March 15, 2023
Security
You Can’t Win: Learning to Live with Security Pessimism
March 13, 2023
Veeam 12
Veeam 12: Appropriate Direct to Object Storage Use Cases
February 15, 2023
Building a Championship-Caliber Data Security Strategy
February 15, 2023
Veeam 12
Veeam 12 Preview: Veeam Cloud Connect Backup vs. Object Storage
February 14, 2023
Veeam 12
Veeam 12 Preview: Multi-Factor Authentication
February 7, 2023
PRODUCTS & SERVICES
  • Cloud
  • Backup
  • Disaster Recovery
  • Managed Security
  • Connectivity Solutions
  • Compliance
COMPANY
  • Why 11:11
  • Customer Stories
  • Careers
  • Leadership
  • Technology Partners
  • News & Media
  • Contact Support
CLOUD REGIONS
  • North America
  • EMEA
  • APAC
CONNECT
  • LinkedIn
  • Twitter
  • Facebook
  • Youtube

© 2023 11:11 Systems Inc., All Rights Reserved | Privacy Notice

Go to Top
PRIVACY POLICY AND COOKIE CONSENT
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage vendors Read more about these purposes
View preferences
{title} {title} {title}
PRIVACY POLICY AND COOKIE CONSENT
To provide the best experiences, we use technologies like cookies to store and/or access device information that allows us to process data such as browsing behavior. Not consenting or withdrawing consent, may adversely affect certain features and functions. By clicking Accept, closing this message, or continuing to browse, you consent to these technologies and accept our Privacy Notice.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage vendors Read more about these purposes
View preferences
{title} {title} {title}