As we become more accustomed to huge amounts of data that we have to deal with, and the world in which we live in is ever-more digital, organisations worldwide face the challenges of storing and analysing – the cost of storage, albeit cheaper than in recent years; processing the data; analysing and extracting the relevant data – enter cloud computing; one, two or three clicks and ta-da, your data is uploaded and your server is updated.
Well, in theory cloud computing is just the best thing to hit the IT departments of organisations; the ability to drastically reduce the amount of time and cost in handling Big Data, adding increased flexibility, mobile access, and the speed in analysing data, allowing companies to focus on their core business.
However, as with all things great, there is a downside and in the case of cloud computing it’s security. The very nature of cloud computing, the storing of data in a ‘cloud’ and yet keeping it flexible and easily accessible, means that the data is open to increased cyber attacks. Not a month goes by at the moment when we don’t read about, or hear about, the latest company whose data stored in a cloud has been breached, and this raises other issues: data confidentiality, data corruption and compliance with legal requirements.
So, what’s the answer; well, encryption and authentication methods significantly reduces the data confidentiality aspect but security is still a potential issue, particularly when it comes the use of mobile devices. Without doubt, employees that use mobile devices to access corporate data within the cloud have an ease of access and flexibility not known before; IT departments have reduced the impact of possible breaches by stopping the storage of data on the device with the use of passwords to access the company’s cloud applications, but this is an area of vulnerability with many passwords being easy to hack.
Due to security issues, the number of companies starting to use cloud servers to store big data and carry out analysis is growing but you only need one cloud service provider to be slightly ‘off the ball’ in only analysing a portion of the data or even ignoring any computations to make it difficult to verify and validate results which are, in turn, vital for their cloud customers.
Recent studies have started to focus more on the technique of auditing data remotely and therefore enabling a company to prove data validity and integrity via remote servers. Another area that is garnering attention is the use of implicit authentication as a possible solution to authenticating users – the use of a user model based on their past behaviour which is compared to their recent behaviour and enables the model to effectively authorise the legitimate users.
Cloud computing is growing, confidence in the use of cloud by enterprises to store, analyse and access remotely is increasing, but is security technology keeping up with the cyber-hackers intent on disrupting the growth of the cloud? That’s a question that can only really be answered with time; but what is clear is that if your company is intending to move to the cloud, one of the most important considerations is that of security of your data and user authentication, be it a private, public or hybrid cloud solution.