Cloud security question: have you ever stopped for a moment and thought about what exactly is so risky in the cloud?
Some will tell you horror stories: that it’s possible to tap between two guest machines, or to steal private keys or log keyboard strikes – your imagination is the limit. Others will say if your data is stored on cloud servers, then those that have physical access can steal your data.
There are so many ghost stories about why we should reject the cloud, but I say we can do it. It is possible to change from a naysayer to the positive kind of character everyone loves.
For instance, while it is technically possible to tap and log some sort of information between guest machines, it was only partially proven in optimal conditions simulated in a lab. The truth is that it is a completely unrealistic scenario in real life. So, I will categorize this as close as possible to “no risk” – last on my list of concerns.
Platforms like DropBox, SalesForce, and, yes, CloudLock comply to so many regulations that the business depends on it, meaning non-compliance is riskier for cloud vendors than to the customer.
But, let’s say that something does happen (I think the phrase native english speakers use is something hits the fan, right?).
If, by chance, someone was able to steal the physical media from the gazillion disk arrays that live in Google datacenters, lets see them break through the file encryption (encryption at rest).
They should have one heck of motivation because it will take forever to break through all that. Let’s mark this concern very close to the bottom, like the previous item.
This is the way in which I tackle these thoughts.
By now, you probably think I am painting a perfect world. I understand your concern. After all, it’s not a perfect world and there are risks out there.
Now, what will be of top concern to me? A great deal of research indicates a direct relation between mobile apps and malware. Note the nuance: it’s not mobility so much as it is the apps being used to access corporate data.
Many of these apps have excessive access rights, going as far as to view, edit, and delete any corporate data the user has access to.
Being able to identify these apps, their rights, and then exercising control over them is the key to reduce risk. Let’s bring this back to my organization.
In our Apps Discovery and Control offering – a component of our Cloud Security Fabric – we leverage peer insights (the “Community Trust Rating”) to help security professionals efficiently and effectively eliminate risk in their environment.
This is our turnkey solution to help you default to a “yes we can” approach. You can do it, too. I believe in you.
What people are doing in the cloud, how it’s being used, what the true exposure levels are, and the security measures around all of it – this is what matters to me. For more, be sure to read more of my analogies.