Migration hosting platform to cloud computing has been increasing tremendously since 2007, according to a survey conducted by the Pew Research Institute indiccated that about 70% of Americans use cloud services. Cloud computing has exceeded everyone's prediction on how big it's expected to be.
A prediction by IDC, cloud computing market will worth over $107 billion in 2018, while Gartner, predict any corporate ‘no-cloud’ policy will be as unusual as a ‘no-internet’ policy backdated to now. You can imagine an organisation without webmail, file sharing, storage, and data backup.
Cloud computing is taken over the internet, there is a tremendous need for awareness associated with it risks. Data breaches of over 500 has been recorded worldwide this year, this is according to the Identity Theft Resource Center (ITRC).
Curious why cloud computing has continued in the face of high-profile data breaches? The reasons are not farfetched from the ones mentioned below.
Cheapness, hugeness and betterment
Cloud computing environment easily meet user requirements. It is not by limited by physical resources, and is easily scalable. This is why it's always a best choice for start-ups. Cloud computing makes state-of-the-art capability available to anyone with an internet connection and a browser, reducing hardware and IT personnel costs.
Upgrading and management of cloud services and software applications are done off-site by the provider. Technology that organisation can not able to afford are readily available for them by providers.
Security based risks are normally the bottleneck of cloud computing. Clouds are often made up of multiple entities, which means that no configuration can be more secure than its weakest link. The link between separate entities means that attacks to multiple sites can occur simultaneously. When cloud providers do not employ adequate cyber security measures, those clouds become a target for cybercriminals.
Cloud Computing Risks, Threats and Solutions
Top twelve threats known as the "Treacherous Twelve" was released by Cloud Security Alliance (CSA) in March 2016.
Data related security breaches are often at the hand of the organisation and not the provider.
Organisation can be fined or face criminal changes in case of data security breaches, be it intentional or unintentional. Although, cloud service providers deploy a high level of security measures, the CSA advises organisations to implement a multifactor authentication and encryption system on the user end to protect against data breaches. This could involve Two Factor Authentication (2FA) or other secure methods of security.
Issues of permission or file sharing is another risk within the organisation. User role level and upgrade or downgrade when the need arise is very important.
Training and retraining of staff is a key to maintaining a secure cloud environment.
While the cloud may differ to local networks in many ways, its data centres remain just as susceptible to damage or destruction by natural disasters. To avoid losing data to fires and floods, distribute data and applications across more than one zone. Implement appropriate data backup procedures, and adopt best practices in business continuity and disaster recovery.
Cloud Computing in the future
The decision for an organisation to not take advantage of the technological advances made by the cloud is an unwise decision. More than that, however, cloud computing services and applications also support growth in a way that traditional IT hardware cannot. Whether it is a start-up with a handful of staff, or a multinational corporation with a headcount of thousands, the cloud continues to be the way of the future.
In few years to come, the regulations and laws around data in the cloud will come into maturity. Like many times in the past, governments are moving slower than the technology when it comes to implementing policies and law. Decisions made in the courts will instead set the precedent of who is ultimately responsible for the security of information stored within the cloud. In the meantime, organisations around the world can focus on self-regulation as they tackle cyber security in the cloud.