Securing the keys to the cloud

As the cloud model is put to the test at more organizations, security holes and malware are coming to light. Here's how to cope.

1 2 3 4 Page 2
Page 2 of 4

Gilmore says he sees cloud security risk breaking down into two major categories: malicious attacks and malicious content.

"Malicious attacks would be in the form of something like the attack that happened to LinkedIn," Gilmore says. "Many of the cloud service providers started off small and on a shoestring budget. As the companies grew, the infrastructure grew, but most likely the simple architecture design that helped the company get off the ground did not mature as the company expanded. I believe this is what happened in the LinkedIn case."

The second category, malicious content, comes in the form of viruses and malware. "Public cloud sites such as Google, Amazon and Facebook are all breeding grounds for such malicious code and are a danger to any enterprise that either employs them or allows them to be utilized as work tools," Gilmore says. "I think the biggest flaw in this whole design is the lack of end-user administration control over the cloud resources."

When a company uses the cloud, it's "renting someone else's technology," Gilmore says. "You are relying on them to be diligent with security updates and using the latest and greatest security technologies. You have no way of knowing if that is actually happening."

The next big threat that will emerge, Gilmore predicts, is the "hijacking" of cloud resources. "As people fail to meet security standards, such as using complex passwords, and leave machines running for days on end, the likelihood of intrusion is going to increase and eventually resources will be hacked," he says.

Another thing to take into account when assessing the security of the cloud is the fact that many service providers are new to the market. "Due to all the publicity, multiple new companies and even older established companies with no previous IT, data management or security experience are getting into the business of cloud computing," says Jerry Irvine, CIO at Prescient Solutions, an IT services provider in Schaumburg, Ill.

"As a result, uneducated users and many small to midsize companies are looking at cloud services as simply a commodity purchase, comparing pricing and systems' flashy features, as opposed to the necessary functions of security, fault tolerance and integrity," Irvine says.

1 2 3 4 Page 2
Page 2 of 4
It’s time to break the ChatGPT habit
Shop Tech Products at Amazon