Two of the most common rallying cries when it comes to reducing cost and increasing efficiency would probably be the use of cloud and BYOD. In fact, I have recently recommended that SMBs leverage the cloud in order to trim their IT budgets.
However, implementing cloud services and BYOD is not without its own set of risks, too, as highlighted by recent incidents.
The first incident involves iOS 6.1 that was released on Jan. 28. It came with a significant bug that resulted in excessive generation of log entries on Exchange Servers. According to Microsoft, the bug resulted in “rapid growth in transaction logs, CPU use, and memory consumption in Exchange Server 2010 when a user syncs a mailbox by using an iOS 6.1-based device.”
In a nutshell, the problem is a serious one, especially for organizations with large iOS deployments given its inadvertent denial-of-service-like behavior on Exchange Server. The bug has since been acknowledged by Apple, though it appears that some IT administrators are forced to specifically block Apple devices. Due to my prior management of Exchange Servers, I can add that this is not the first time an iOS bug has resulted in problems with Exchange.
The takeaway here: BYOD is increasing the number of things that can go wrong at unexpected places.
By virtual aggregation and specialization, cloud service providers are able to offer the advantage of lower prices and more robust services. However, it does not mean that they are infallible. Indeed, some may argue that cloud vendors actually present a larger and hence more appealing target for hackers.
Another less obvious downside may be the use of obsolete or security-ridden infrastructure. Administrators and IT managers are typically left unaware of any known or new vulnerabilities in the underlying cloud fabric, but which are nevertheless passed on to their applications. This was precisely what happened to me when my personal website at thetechblogger.com was hacked earlier this week and replaced with a static page announcing the fact.
Though I initially believed that the hack was due to my neglect in updating the underlying WordPress CMS, my checks quickly made it evident that it was the shared server that was hacked. The attack vector meant that there was essentially nothing I could have done to prevent it from happening – a problem faced by businesses investing into the cloud.
There is no doubt in my mind that implemented correctly, cloud services and BYOD can offer tremendous benefits and value to small and mid-sized businesses. However, SMBs must also recognize that every technological implementation will come with its own set of weaknesses.
Where cloud services and BYOD are concerned, the former could entail hidden security vulnerabilities, while the widespread adoption on the latter may result in more things that could go wrong at unexpected junctures.