The Promise of the Cloud

Next story

Image

The Cloud as both a buzzword and a technological platform is here to stay. What does that mean from a security perspective?


“The promise of the Cloud is that every individual and organisation has unlimited access to information, at any time, no matter where they are.” So says Microsoft’s latest TV ad.

Renting servers, storage, software and raw processing power are fairly commonplace nowadays and many companies, Google, Microsoft and Amazon for example, offer complimentary Cloud services to their customers.

A recent report suggests that there has been a 45% rise in cyberattacks on Cloud-based deployments. Is there anything that can be done?


Economy and Convenience


Mark James, ESET IT security specialist, suggests that the Cloud is an extremely attractive prospect from a business stand point.

“I think the move to cloud based services is quite appealing to the modern day economy: being able to rent server space by the month is much more appealing than committing large amounts of money for in house servers along with the security that goes along with it.”

That’s what Microsoft’s latest ad infers: a small team in a small office could access the same number of servers, the same computing power as a larger firm with room for an onsite server centre.

It also means that we can store our photos, documents, videos, etc. in another place and are able to make them accessible from anywhere at any time. Plus the more backups the merrier!

“To be able to rent the hardware, software and the security for that equipment is appealing but should not be taken lightly.

“You have no direct control over the quality or the consistency of said security and of course you are part of a much bigger target.

“If your servers are in house then not only do the attackers need to gain access to your systems but your footprint is a lot smaller.

“When the big cloud suppliers get attacked and its successful the wealth of information available is so much bigger.”


How can we secure it?


Before you invest in any Cloud service be sure to check its credibility: what security measures do they take? Do they offer 2FA? How do you log in? How about guaranteed uptime? Do they have scheduled maintenance you need to be aware of?

Remember that although your data is stored elsewhere you are still a point of weakness. You’ll have to login to your account therefore you should use a strong unique password and as many methods of authentication as you can. The more layers the better.

“Understanding the ways and means that cyberattacks happen is key to putting in place counter measures to stop it happening to you.

“We have to be pro-active and not reactive in terms of security and ensuring the hardware and software is maintained and patched to its latest versions is a must if we want to stand a chance against these cyber criminals.

“Making sure clear segregation in technologies used will limit the damage if they do get in and manage to gain access to some systems, also make sure you read and understand exactly what your cloud provider expects you to do and also have a clear understanding of what you want from them.”


Which Cloud services do you use? Are there any that you specifically avoid?


Join the ESET UK LinkedIn Group and stay up to date with the blog. If you’re interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.


Are you Serious about Security? If you are then check out everything that’s going on during Security Serious week.