With almost as many fans as detractors, cloud computing has recently been under heavy criticism. The security of the system is increasingly being debated, to the point that some prefer to simply give up on it. So should we be afraid of it?
Questioning cloud computing
Fappening, security breaches at Microsoft, Sony, or even Amazon; these various highly publicized events of personal data leaks are all linked. The data in question was each time hosted on the cloud. Formerly the ideal of IT professionals who have become in a few years the ultimate for many companies of all sizes, cloud computing continues to be called into question. The issues related to its security are thus not new and have even arisen since its beginnings.
Indeed, the very idea of cloud computing presupposes that the company – or the individual – entrusts all or part of its data to a third-party installation located somewhere in the world. However, a company’s data is most often its most valuable asset; its security must therefore be ensured to the maximum. It is therefore appropriate to think not only about the types of data that we wish to transfer but also why.
Several questions must therefore be asked before any migration:
- How is data confidentiality ensured?
- What quality for what price is offered?
- Who owns the data then?
- What guarantees are there in the event of total or partial loss/theft?
What risks?
A simple set of questions that should help protect against the main risks currently weighing on cloud computing:
- The proliferation of software that allows for quick and easy attacks on servers
- Failure or bug preventing access to hosted data
- Espionage
- Inevitably limited effectiveness of any data encryption
- Difficulty, if not impossibility, to switch your data to another hosting server
Potential complications weigh heavily in the balance for companies when deciding whether or not to turn to this system. Some even go so far as to want to ban Wi-Fi or the use of personal devices within their structure to preserve the integrity of their organization. Somewhat extreme choices that are more reminiscent of a spectacular step backward than a truly innovative solution proposal.
Towards what perspectives?
Because we should not only see the dark side of cloud computing. Some advances thus highlight new security logic applicable to the greatest number without drastically disrupting the -bad- habits that may have been adopted:
- Suggest a unique password, specific to each connection
- Establish a double verification system (by SMS, fingerprint, etc.)
- Establish separate high-security zones with exceptional security
- Train all company users in best practices to adopt
In summary, choosing cloud computing is never without risks and should never be done by chance or on a whim. It is a choice with serious consequences that deserves to be carefully considered, based on needs and uses, not only by the IT department but by all competent decision-makers. Once the decision has been made, however, it is not enough to pray and hope to be spared. Data security is a daily effort that deserves to be taken seriously. So you have been warned!