Is Cloud Computing Secure? Yes Another Perspective

Is Cloud Computing Secure?

Cloud computing has grown by leaps and bounds in recent years. Every day brings news of some acquisition, some investment, some innovation in this space. What started as a mere snowball has gradually acquired the proportions of an avalanche with all the big boys of the Information Technology putting in big dollars in cloud computing.

From Microsoft to Google to late-entrant Oracle, everyone has their fingers in the cloud computing pie.  However, concerns still remain, chiefly regarding security. Several companies have put off moving to the cloud simply because of security concerns. Otherwise, cloud computing with its pay-per-use and get-when-you-demand model seems to be a win-win situation.

Security is a major bugbear today, and not only in the physical world. Enhanced security concerns may lead to stringent, and often unwelcome, TSA checks at airports, but it also affects the adoption of new technologies like cloud computing. Especially if that technology is based on the World Wide Web, where literally, anyone with a modem and Internet connection can log in. The recent Wiki Leaks controversy hasn’t helped matters as regards acceptability of cloud computing.

Many opponents of cloud computing say that the technology’s presence on the Web makes it open to attackers worldwide. What they fail to realize is that isolated data centers, as was the norm before the advent of cloud computing, aren’t immune to hackers either. In fact, the modular nature of cloud computing may actually limit damage due to such attacks over the Internet.

With isolated data centers, it’s the old “all eggs in one basket” scenario, and we all know how that ends if the basket falls. On the other hand, with cloud computing, you are actually placing your eggs in different baskets. Even if one or more of those baskets fall, you have others to fall back on. Therefore, it is clear that being on the Web is not necessarily a disadvantage for cloud computing.

Secure Cloud Data

Of course, if your isolated data center is isolated in the true sense of the word, that is, not connected to the World Wide Web, you are safe from online attacks. But are you truly safe? Think again. How about a disgruntled employee who slips in with a USB drive, downloads confidential information and then passes it along to your competitors? Remember, confidential diplomatic messages released by Wiki Leaks were not obtained from an unknown hacker, but a US Army soldier Bradley Manning who simply walked in and downloaded the data onto his music CDs.

Does this mean that company’s security fears about cloud computing are unfounded? Not really. But instead of suspecting the technology, perhaps they should be looking more closely at the providers. Here’s why.

In spite of all the literature of “being on the cloud,” cloud computing is based out of data centers, quite similar to the ones that support companies’ internal resources. Granted there are multiple data centers at work here, but at the end of the day, they are still data centers. And like all data centers, they are susceptible to security issue like data theft, natural disasters, etc. While the redundancy of multiple data centers does restrict problems due to natural disasters like fire, data theft cannot be ruled out. And this is where the trustworthiness of service providers comes in.

“Can I trust my cloud computing service provider?” – this is the question a company should be asking itself, rather than, “Can I trust cloud computing?” If the company feels that its own data centers are more adept at safeguarding data than its service provider, then its security concerns regarding cloud computing is justified.

This means that a company has to be very careful in choosing its cloud computing service provider. However, a vetting process is natural when selecting a vendor or provider of any service, and thus, cloud computing is no different. Granted, the vetting process may be more stringent than when choosing a beverage supplier, but essentially, the procedure is the same.

A service provider can remain in business as long as it can keep its reputation intact. Therefore, any provider which has been deficient in safeguarding its customers’ data will fall by the wayside by natural selection. Even a cloud computing pioneer like Amazon has faced flak for removing Wiki Leaks’ data from its servers citing breach of contract, as I had mentioned in an earlier article. Therefore, for a company it is important that the contract fine print is closely examined before it signs on the dotted line.

At the end of the day, while I would not go so far as to say cloud computing is completely secure, I believe that it’s secure enough for most companies. I am not playing with words here, but merely stating the fact that no IT system is completely secure, not even the internal data center with multiple firewalls, restricted access and housed in a fire-resistant, earthquake-proof building.

Of course, with the technology undergoing improvements by the day, waiting for a few months may not be wrong. At the same time that has to be weighed against possible benefits that the company will lose out on by moving to the cloud. In other words, cloud computing should not be considered untouchable simply because of security concerns, but all arguments weighed before a final decision is taken.

Remember, if you truly want a system that is 100% secure, perhaps you should look at getting a personal computer that remains at one place in your home, is not connected to the Internet, does not accept external media like floppies, disks and flash drives, and to which only you have the password. But then again, that wouldn’t help you, or your company, do much work, would it? Cloud computing is here to stay, and in all probability, is going to revolutionize how we do business.

By Sourya Biswas

Sorry, comments are closed for this post.

Technology Influencer in Chief: 5 Steps to Success for Today’s CMOs

Technology Influencer in Chief: 5 Steps to Success for Today’s CMOs

Success for Today’s CMOs Being a CMO is an exhilarating experience – it’s a lot like running a triathlon and then following it with a base jump. Not only do you play an active role in building a company and brand, but the decisions you make have direct impact on the company’s business outcomes for…

Digital Twin And The End Of The Dreaded Product Recall

Digital Twin And The End Of The Dreaded Product Recall

The Digital Twin  How smart factories and connected assets in the emerging Industrial IoT era along with the automation of machine learning and advancement of artificial intelligence can dramatically change the manufacturing process and put an end to the dreaded product recalls in the future. In recent news, Samsung Electronics Co. has initiated a global…

Cloud Services Providers – Learning To Keep The Lights On

Cloud Services Providers – Learning To Keep The Lights On

The True Meaning of Availability What is real availability? In our line of work, cloud service providers approach availability from the inside out. And in many cases, some never make it past their own front door given how challenging it is to keep the lights on at home let alone factors that are out of…

Moving Your Email To The Cloud? Beware Of Unintentional Data Spoliation!

Moving Your Email To The Cloud? Beware Of Unintentional Data Spoliation!

Cloud Email Migration In today’s litigious society, preserving your company’s data is a must if you (and your legal team) want to avoid hefty fines for data spoliation. But what about when you move to the cloud? Of course, you’ve probably thought of this already. You’ll have a migration strategy in place and you’ll carefully…

How To Overcome Data Insecurity In The Cloud

How To Overcome Data Insecurity In The Cloud

Data Insecurity In The Cloud Today’s escalating attacks, vulnerabilities, breaches, and losses have cut deeply across organizations and captured the attention of, regulators, investors and most importantly customers. In many cases such incidents have completely eroded customer trust in a company, its services and its employees. The challenge of ensuring data security is far more…

Three Reasons Cloud Adoption Can Close The Federal Government’s Tech Gap

Three Reasons Cloud Adoption Can Close The Federal Government’s Tech Gap

Federal Government Cloud Adoption No one has ever accused the U.S. government of being technologically savvy. Aging software, systems and processes, internal politics, restricted budgets and a cultural resistance to change have set the federal sector years behind its private sector counterparts. Data and information security concerns have also been a major contributing factor inhibiting the…

Three Factors For Choosing Your Long-term Cloud Strategy

Three Factors For Choosing Your Long-term Cloud Strategy

Choosing Your Long-term Cloud Strategy A few weeks ago I visited the global headquarters of a large multi-national company to discuss cloud strategy with the CIO. I arrived 30 minutes early and took a tour of the area where the marketing team showcased their award winning brands. I was impressed by the digital marketing strategy…

Don’t Be Intimidated By Data Governance

Don’t Be Intimidated By Data Governance

Data Governance Data governance, the understanding of the raw data of an organization is an area IT departments have historically viewed as a lose-lose proposition. Not doing anything means organizations run the risk of data loss, data breaches and data anarchy – no control, no oversight – the Wild West with IT is just hoping…

How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart  Breaches Formal verification is not a new concept. In a nutshell, the process uses sophisticated math to prove or disprove whether a system achieves its desired functional specifications. It is employed by organizations that build products that absolutely cannot fail. One of the reasons NASA rovers are still roaming Mars…