Sunday, February 2, 2014

Cloud Security Risks

According to Reuters, Larry Ellison, CEO of Oracle Corp, recently addressed the concerns individuals have been having regarding the security of business customer’s private data.  Edward Snowden, a former NSA contractor, revealed a PRISM surveillance program had been in operation by the NSA since 2007.  These revelations confirmed a fear held by many individuals, a fear that the government could access data stored on any U.S. server.  Oracle “and other major Silicon Valley companies are increasingly offering Internet-based business service…in a trend known as cloud computing” (Randewich 1).  This cloud computing can save companies a great deal of money, as companies no longer have to maintain “there own servers and other IT infrastructure” (Randewich 1).  Analysts say that these concerns regarding government involvement in privacy, however, may cost technology vendors “billion of dollars in lost sales” (Randewich 1).  David Litchfield reaffirmed individuals of the safety of Oracle’s product, stating “an Oracle database hasn’t been broken into for a couple of decades by anybody” (Randewich 1). 
            There are numerous benefits of utilizing cloud computing.  Utilizing a cloud to store information is cost efficient, relieves companies of unnecessary hardware, and accessing and backing up information can be done with incredible ease.  The advantageous of cloud computing are apparent, however, the question companies must begin to ask themselves is whether or not these advantageous outweigh the noticeable threat to information.  The reality is that clouds are not secure enough to hold the sensitive data being stored in them from possible hackers, especially from government agencies.
            If the NSA can access data stored on any cloud, it is highly likely that other, foreign governmental agencies possess the same capabilities with regards to accessing data within a cloud.  While utilizing hardware to store information may be more expensive, outdated, less accessible, and overall more of a hassle than clouds, one thing is certain; data stored in hardware is secure, due to its lack of accessibility.  If one were to extract data from hardware, one would have to physically be at the storage location, creating difficulties for those attempting to acquire information.  A cloud, conversely, may be accessed by anyone with an Internet connection; therefore, an individual anywhere in the world may extract one’s data. 
            Reverting back to hardware is clearly not a viable solution to this dilemma; however, companies must find new means of securing their cloud computing software, for the sake of maintaining profits and securing valuable information.  Oracle CEO spoke of Oracle’s security due to the fact that David Litchfield, an established security expert, stated that hackers gained access to Oracle systems “regularly” (Randwich 1).  Oracle must now focus on improving security of their cloud computing systems in order to remain competitive in the market.  A means, by which companies such as Oracle may improve security of their clouds, is to implement scanning and encryption procedures.  By initially scanning information in the cloud, companies can detect and take action to solidify information by encrypting information deemed incredibly important.  Encrypting important information can will provide an additional layer of security should a hacker enter a cloud.  In addition, a company can encrypt information as it is being sent to the cloud, in order to prevent an individual from intercepting data on its way to the cloud.  Scanning and Encrypting information will not eliminate security risks entirely from a cloud, however, these measures would reduce security risks considerably.   

No comments:

Post a Comment