Robert Cordray| Business2community
As more and more of our digital lives are being stored on clouds, the security of these networks has come under more serious scrutiny. A recent study conducted by the Ponemon Institute revealed that of 4,000 businesses and IT managers worldwide that were surveyed, 80% plan to move or are already moving confidential information to cloud networks within the next two years.
In fact, about half of respondents said they already do store such information on a cloud. Even the federal government has implemented major efforts and funds to move its gigantic information systems to the cloud. In fact, with a $2 billion annual budget for cloud computing, the feds are perhaps becoming the largest cloud user in the world. However, with a recent report revealing major vulnerabilities in the NASA cloud network, it is evident that this shift needs to be done with great caution. Fortunately, other recent news shows a significant slowing in the federal government’s cloud computing initiative, which hopefully means agencies are taking great care to protect the sensitive information which is and will be stored in the cloud.
In the Cloud
Most people are storing and accessing information on the cloud daily, if not hourly. One report predicts that by 2017, 1.3 billion online users will subscribe to cloud services. Email, online banking, file sharing, photo websites and online shopping sites are all forms of cloud computing. The cloud does the heavy lifting so an individual’s personal computer or an organization’s data center doesn’t have to.
The Security Risks of Cloud Networks
However, like most conveniences in this world, cloud computing has pros and cons. The cloud can unfortunately become a floating treasure trove for even an amateur hacker. Hackers access this information on the user end in many ways including:
- Phishing emails which ask you to follow a link to a website which appears to be one you commonly visit such as Amazon.com, but really is a fake login page designed to steal your username and password.
- Spam or pop-ups which entice you to install updates or download programs that are really just masked malware, spyware or key logging software.
The best way to protect yourself as a user is to practice safe internet browsing:
- Strong and multiple password use
- Update security subscriptions
- Avoid clicking on pop-ups (adware)
- Use caution opening unsolicited emails (spam) or clicking on emailed links
- Update antivirus software regularly
The Cloud Security Alliance announced nine top threats for cloud computing in 2013, seven of which had to do with inherent big data security risks. Additionally, over half of those concerns are on the provider end including:
- Data breaches
- Account or service traffic hijacking
- Insecure interfaces and APIs
- Malicious insiders
- Cloud abuse to break encryption keys, spread malware or share pirated software
- Shared vulnerabilities in a multi-tenant architecture
Security: The Responsibility of Users and Providers
Another concern in the report for 2013 was insufficient due diligence on the part of the user. With so many cloud services available, it’s important that users research their options and choose wisely based on the types of information that will be stored on the cloud. Businesses and other organizations which use the cloud to store and access especially sensitive information such as client account, credit card or social security numbers should take extra precautions when selecting a cloud service provider.
- Choose cloud providers which use both authentication and authorization procedures.
- Perform extensive due diligence before pushing an app to the cloud.
- Educate all employees on the internet security protocols of the company.
Intelligent Protection for Advanced Threats
Although hackers are getting more sophisticated with their attacks, online security programs are becoming equally proficient. Aside from the standard firewalls and anti-virus software, you can work with a security company that not only recognizes your vulnerabilities and works to protect them, but also helps you recover from security breaches more quickly and inexpensively.
If individuals, businesses and even organizations like the federal government will make the necessary efforts to protect information, we can continue enjoying the advantages of cloud computing with minimal negative impact.