But especially in the early days – and even now in more traditional industries like commercial real estate – companies are reticent about transferring their data to the cloud. Data security, in particular, continues to elicit reservations.
While transitioning to the cloud streamlines collaboration and improves efficiency, the proper security measures must be established before these benefits can truly be realized.
Regulate user privileges
First and foremost, user access should be regulated and an authentication process should be required. Any privileges beyond the purview of an employee’s explicit job function are dangerous. In CRE, for instance, confidential lease and tenant information could be leaked – either accidentally or on purpose. Competitors or brokers could use that information to book deals and drive business away from the company.
But even if an employee has the appropriate access rights, they still pose a risk. An employee may need access to a developer’s proprietary information to perform their job, but if they ever decide to leave the company, they can bring that information with them and sell it to the highest bidder.
Superfluous privileges are inherently risky. Employees should only be allowed to access the data they need. Fortunately, most modern-day cloud platforms make it easy to regulate user access with granular precision.
Superfluous privileges are inherently risky. Employees should only be allowed to access the data they need.
Adopt user authentication procedures
To move data to the cloud, a few simple security measures can vastly improve your security posture. Two-factor authentication (also known as 2FA), for instance, is a great way to guarantee that the right person is signing into the right account. Strong passwords and single sign-on (SSO) are also considered best practices. Moreover, companies need to have a process in place to ensure both internal or external communications are going to the intended recipient. This protects against employees accidentally sending documents to the wrong person or intentionally forwarding a document to an unauthorized party with malicious intent.
Encrypt data in transit and at rest
Investing in encryption is a commonsense way to secure your data. Most third-party platforms have built-in encryption, but if you’re building your own cloud database, encryption needs to be top-of-mind. Industry best practices recommended 256-bit (bank grade) encryption for data at rest and in transit, and communications should be encrypted by HTTPS (or other encryption protocols like SSL) and TLS certificates. While external cloud services tend to already have these measures in place, it’s essential that you investigate how a cloud platform you’re evaluating handles encryption.
Take advantage of centralized data
Finally, the biggest benefit of moving data to the cloud is that information is centralized and easy to access. Prior to adopting the cloud, companies will often store sensitive documents on old, outdated hard drives or in dusty filing cabinets. These critical files may exist in disparate locations and offices, and there’s a good chance they’re the only copies. Poorly organized information can lead to data loss, or even worse, theft.
By eschewing paper checklists and manually updated Excel spreadsheets in favor of a centralized data platform, investors and other businesspeople can ensure their most sensitive data is both better organized and more secure. This makes it easier to control access privileges, track user activity, and safely store information.
To witness these principles in action, one need only look at the wealth of SaaS solutions that today’s CRE firms have to choose from. They can manage their properties and leases in a platform like VTS. They can track leads in a real estate CRM like REthink. And they can take care of their assets and portfolios with companies like Yardi.
These lightweight, cloud-based solutions enable CRE firms to consolidate their data while mitigating risk. The key for each of them is that they’re built from the ground up with ease-of-use and data security in mind, thereby enabling hyper-efficient collaboration built upon a rock-solid foundation of security.
For a closer look at how this works, let’s examine the story of U.S. Restaurant Properties (USRP). The firm is a private REIT operated by a small but highly efficient team. Together, they’re responsible for an investment portfolio that includes Burger King, Taco Bell, Wendy’s, and Starbucks Coffee. They evaluate hundreds of acquisition opportunities every year and execute multiple deals in parallel. Unsurprisingly, they have a massive amount of data, both of their past deals and deals currently being evaluated.
To streamline their deals process, they opted to centralize their pipeline onto a cloud-based deal management platform, Dealpath. They were able to move their home-grown databases, Excel spreadsheets, and even paper checklists into the cloud. From there, USRP carefully set the appropriate access rights for every transaction, task, and deal, ensuring that each member only had access to the information they needed. This allowed them to focus on what mattered most, and it barred them from accessing data that was unnecessary to their job. In addition, USRP established robust user authentication protocols so nobody without explicit permission would be able to access the data. Finally, they were able to ensure that their deal information was fully encrypted, both in transit and at rest.
Ultimately, the USRP team reported increased productivity and a reduction in errors during due diligence. Crucially, they were able to rest easy that their data was secure in a single, easy-to-access location. As the USRP CEO, Bot Stetson, put it, cloud computing “is about enterprise risk management and maximizing our most important asset – our time.”
Centralizing data onto the cloud is the key to efficiency and collaboration, but it has to be backed by appropriate security controls. User authentication, access rights management, and data encryption are all pre-requisites to unlock the value of centralized data platforms.