Overtis Systems urged businesses to insist upon strong security from service providers before committing to cloud computing. Organizations need to pressure the internet industry into providing secure access, end-to-end encryption and provider-agnostic services in order to prevent data being compromised by attackers or the service provider itself.
At present, cloud computing service providers have complete control over data effectively locking customers into one supplier and there is nothing to prevent them selling on data to commercial entities or passing it to legitimate agencies.
Cloud computing is the ultimate outsource option, with mission critical data entrusted to a service provider and stored in a remote facility. Data, applications and even virtual clients are now migrating into the cloud because this method of computing supports emerging endpoint devices and is perceived as more cost-effective in today’s cash-strapped economy.
Cloud computing is being driven by large internet behemoths such as Yahoo! and Google who have access to vast data centres and the kind of web-based technology that can provide instantaneous access. However, securing data is not their specialty and there is little to stop these giants from monetizing this data by providing access to third parties. Unless enterprises act now to help shape a viable cloud computing model, their data could be at risk.
Overtis Systems offers the following advice to those climbing into the cloud:
Ring fence your data – seek out a provider that can provide you with an encrypted vault or “clean room’ that the service provider does not have access to. Ideally we need to foster a cloud computing model that mimics the remote back-up and email archiving services that we see today whereby data is encrypted end-to-end.
Invest in strong authentication – two factor is the bare minimum and you should consider investing in supplementary biometric access systems which cannot be duped, such as vein-readers.
Local back-up – ensure that your data and applications are routinely backed up to a local source. This may seem to defeat the object of being “in the cloud’ but it will provide you with business continuity and peace of mind.