Cloud computing brings changing security risks

Cloud-based services are fast becoming established as a credible alternative to existing server-based IT solutions but organizations are failing to recognize the new security risks they face and take the necessary steps to provide adequate password protection.

More than 21% of respondents of a CRYPTOCard survey confirmed that cloud computing already forms part of our IT infrastructure or trials are already underway, with a further 27% likely to have a solution in place within the next six months.

More worryingly however, for two thirds of respondents, little or no consideration has gone into evaluating and mitigating the risks associated with cloud-based services with regard to network security, application security or access control, for example.

In other key survey findings:

• Of those respondents who expressed an opinion, 77% agreed that cloud computing helps the company react quickly to changing market conditions, 91% that it allows us to rapidly increase capacity and capability and 75% that it reduces up front costs
• 78% of business owners and 86% of IT departments strongly or very strongly influence the budget for cloud computing applications
• By contrast, in 38% of businesses, the Information Security teams have little or no influence on the cloud computing budget.

Passwords and the cloud

Overall, 36% of IT staff recognized that cloud computing presents a greater risk to information security than in-house computing, with a further 44% confirming that it presents a different risk.

However, typically two-thirds of respondents were unaware of whether or not the business was using individual applications such as Hotmail, Twitter or Google Mail and if these were being used on a cloud- or in-house basis.