What is the seemingly ubiquitous ‘cloud’ we hear so much about?
Simply put, cloud computing is accessing data and programs by connecting to the internet from any computer rather than needing your own personal computer to get the information from its hard drive.
Someone using their home computer who puts a song into the popular cloud site DropBox will be able to access that same song on a different machine at work, or in a café, or at a friend’s house. The point is that the song, document or picture is not on your drive at home, but rather accessible through the magic of the internet.
So what’s the downside?
The trouble is, the way the cloud works means it introduces new avenues of attack for the cyber criminal.
A data breach can mean that sensitive internal information falls into the hands of competitors, while data loss can leave users high and dry with records of their stored data, including such things as purchases or payments, adrift in the ether.
Losses are usually chalked up to human error, but ‘breaches’ are the result of a malicious and intrusive action.
Phishing – attempts to acquire usernames, passwords and credit card numbers by people masquerading as trustworthy entities usually through email – and other forms of hijacking accounts mean users risk losing, at the least, personal information, at the most, substantial amounts of money.
Firms fear losing data
But it’s not just individuals who are concerned. Businesses also have their reservations when it comes to cloud computing.
A recent study by data flow specialist Axway and research company Ponemon Institute shows that organisations consider public cloud sites a major security risk.
Many organisations use the cloud to easily and conveniently transfer sensitive information. But documents that need accessing remotely, such as legal papers sent for translation, or scientific papers disseminated around an exclusive research community, can be put at risk if the correct security measures are not in place.
The survey of 621 IT professionals found that nearly half the organisations thought popular cloud-sharing services such as DropBox, Google Docs and Box are not suitable for business use.
The key concerns were:
- 89% of organisations are highly unlikely to know if sensitive or confidential data was lost or stolen due to a data breach in the public cloud
- 80% are concerned about the negative consequences of using the cloud due to the potential loss of intellectual property
- 69% are not likely to know whether employees are using unapproved and risky file-sharing tools
- 66% rank file-sharing high or very high risk to their organisation
- Nearly 50% believe popular cloud-sharing services are not suitable for business use
Make security a priority
Dr Larry Ponemon, chairman and founder of the Ponemon Institute, said: “The results of this study definitively illustrate that organisations are highly concerned about the security risks posed by both public cloud and on-premise file-sharing tools, and they’re absolutely right to be wary of them.
“We’re acutely aware of the potentially catastrophic consequences that can occur as a result of security breaches of these tools. However, it’s our hope that these findings encourage organisations to take a close look at their security strategies related to file-sharing, and in turn implement a comprehensive set of policies and technologies to help ensure the secure transfer of sensitive information across their workforce.”