Working on Air: Secure Cloud Computing
16 · SEP ·2014
Since Apple’s iCloud was hacked and certain users’ personal information was leaked online a number of users and business owners have become concerned over the security of cloud based products. This is one of the reasons why Apple’s CEO Tim Cook was quick to claim that the hacks had not been system-wide and that users’ data was safe, however he added: “When I step back from this terrible scenario that happened and say what more could we have done, I think about the awareness piece ... I think we have a responsibility to ratchet that up. That's not really an engineering thing.”
In order to solve the issue and reassure iCloud users that their system is safe, Apple has this week announced that from now on they would be emailing users if someone accesses their iCloud account via the web. This shows that even though cloud computing is generally considered safe providers need to do more to convince users that their data cannot be accessed by cybercriminals. iCloud is very different to B2B cloud computing services as the data which it stores, while personal, is not high risk such as financial data.
In order to understand more about cloud computing it’s prudent to look at how it began and the reasons behind its creation. Previously, companies had to store all their data on personal computers and servers, however this could cause issues when it came to sharing information, particularly for large corporations that had numerous offices around the world. In order to solve this issue cloud computing was created, enabling data to be stored in online databases and accessed by numerous users at the same time.
One of the biggest benefits of cloud computing is that it allows businesses to quickly share information between users which previously had to be sent by email or other means and subsequently downloaded. As emails are prone to being intercepted during their journeys unless you have a secure system in place, a number of businesses felt uncomfortable sending sensitive data this way. In contrast, by using the cloud, users are able to log into a secure server and then access the information they require without having to send it across the Internet.
This leads to one of the main concerns that most businesses have when it comes to cloud computing: if sending emails containing sensitive information via the Internet is risky isn’t storing information on the Internet too? The simple answer here is no, as cloud computing is much more advanced than email and therefore has a number of security systems in place that ensure any data stored in the cloud is kept safe. Furthermore, advanced cloud computing software can enable businesses to set up varying levels of access for users meaning that there are less ways for data to be stolen.
The cloud is therefore like any other database where sensitive information is stored: in order to keep hackers out you need to make sure that you implement far-reaching security measures. For example, smartphones and tablets are able to access cloud databases along with traditional laptops and PCs, however the more users that have the ability to do so the more easily hackers can infiltrate the system. Businesses in particular should therefore be prudent when it comes to choosing a cloud computing provider as without the necessary security measures in place, such as dedicated firewalls, they could become vulnerable to attacks.
As with any type of database, the cloud is like a house: it needs to be built with security in mind while still enabling access to those that have the right keys. The benefits of cloud computing tend to outweigh the disadvantages, especially for businesses that are looking to expand their offerings and require instant access to information on a regular basis. However, as with any form of technology, choosing the right cloud computing software for your company along with the security measures you put in place is essential for keeping your data secure.
Harsal Thakrar, Product Architect at Fluidata, adds: “’Cloud’ is such a generic buzz word that actually doesn't mean anything more than a service which is hosted from a remote and usually centralised location. When we talk about iCloud, most people see this as a back up service for their iDevice and photos (although it is much more than just that). So if we are talking about storage as a service (SaaS) a business should look for a service which will encrypt data in transit and in storage, ideally it'll also have two stage authentication for access.
“It's very important that users are aware if the cloud system they are buying into meet legislation and is secure. If that's the case then in reality the biggest threat to data leaks and systems breaches is the users of the system, and not the system itself. While not quite two stage authentication, Apple have implemented an alerting system which should help prevent reoccurrences like this in the future.”