May 12 2011

Security Breaches In The Cloud Equals Risk

Posted on the 08:45 am under Cloud Computing by Darren Boyer

Microsoft, Google, Amazon, Best Buy, Sony and many more Fortune 500 customers have all had significant outages or security breaches related to their cloud services in the last 6 months.

US online banking is so insecure that a website maps out the locations across the country where organizations have lost tens or hundreds of thousands of dollars from fraudulent activity.  Online fraud and theft is happening at such an alarming rate the site has difficulty trying to keep up.

Many of the users affected have been Small to Medium sized organizations.  These are the very organizations who are expected to benefit the most from cloud services according to most industry analysts.  Yet these are typically the organizations who can least afford a huge risk exposure that many cloud technologies represent.

Two ways that any organization can protect themselves are to look at the following aspects of their operations.

Is there more than anti-virus software and a firewall in place as protection.

Antivirus software is very helpful in removing or blocking infections AFTER they occur or get past the initial defense layers.  Since malware has to get past the initial layers of defense 1st this is not an ideal strategy.  It can be compared to only catching thieves after they break into the property.  Deterrents to keep thieves out in the first place is generally a preferred strategy.

A typical firewall or router that blocks some ports and allows others such as internet traffic unlimited access into the company network are a very weak threat deterrent.  Comparing a regular firewall to physical security it could be said that a regular router is like having a locking door knob and a picket fence around the property.  This may work on the quiet streets of Grande Prairie but the internet can not be likened to a quiet street.  It is not uncommon for a small 3-15 person offices in Grande Prairie to have hackers from overseas try over 100x in a single night to get into the company network.  Why they would want access is anyone’s guess but if there is private data behind the firewall we would recommend better security measures be taken.

The second method has more of an overall impact on data security. We’ll look at the second method in more detail in a future post.

Written by Darren Boyer

Darren Boyer

Darren Boyer is the founder and president of pcit.

Related Posts: