Perceptions and Realities of Cloud Security
A new survey suggests that access policies could use a little work.
When I talk to people who deal with network security on a daily basis, I often ask how they feel about cloud security. The reaction I get is usually mixed. Some love it, but a surprising number are very wary about it, and more than a few have resisted the move to the cloud because they don't trust the security. I'm not the only one who has noticed this trend. My colleague Arthur Cole wrote:
Although enterprises have embraced cloud technology to a significant degree, a number of persistent, nagging doubts seem to be holding many back. Among those are data availability and security once it makes the leap from in-house to external infrastructure.
I suspect the nagging concerns of cloud security will only increase, as stories like the Amazon, Sony and Google hacking problems dominate the news. Some experts are wondering if the recent incidents could weaken the growth of cloud computing. A Reuters article looked at that very issue, stating:
Concerns over security could slow the growth of the market for cloud computing, which is expected to reach $3.2 billion this year in Asia alone from $1.87 billion last year, while the global market could reach $55 billion in 2014, according to estimates by technology research firm IDC.
And it might not just be hackers we need to worry about, said an article in the Atlantic Wire. Government also plays a role in cloud security, but it has lagged behind with setting up standards and regulations on how to keep users safe. The article said:
[T]his year it's becoming glaringly clear that users stand to lose most in these security breaches. Sony might've lost money when their network crashed, but gamers lost real security when their personal information leaked out into the open. Ditto for the Gmail breach. Some hacking organizations like LulzSec, who broke into PBS this week, claim a higher moral imperative behind their attacks. If websites are poorly protected, somebody should let people know. LulzSec targeted Sony too, stealing a trove of user data while they "sit and laugh at the FBI" for failing to stop them.
Now, on the heels of all the problems and questions surrounding cloud security is the announcement of Apple's iCloud. Unlike virtually every other company out there, which operate on an open standard in the cloud, Apple will work with its own proprietary technology and its own vertical space. And for that reason, the Atlantic Wire article stated:
It goes without saying that it would be bad news if hackers broke into iCloud.