Welcome!

SOA & WOA Authors: Jason Thompson, Xenia von Wedel, Elizabeth White, Gary Kaiser, Liz McMillan

Related Topics: Cloud Expo, Java, SOA & WOA, Linux, Virtualization, Big Data Journal

Cloud Expo: Blog Feed Post

Will the Cloud Soak Your Fireworks?

Cloud computing is exploding like fireworks with all the Oooooooo’s and Ahhhhhhh’s of what it offers

This week in the States, the Nation celebrates it’s Independence and many people will be attending or setting off their own fireworks show. In Hawaii, fireworks are shot off more during New Year’s Eve than on July 4th and there is even Daytime Fireworks now.

Cloud computing is exploding like fireworks with all the Oooooooo’s and Ahhhhhhh’s of what it offers but the same groan, like the traffic jam home, might be coming to an office near you.

Recently, Ponemon Institute and cloud firm Netskope released a study Data Breach: The Cloud Multiplier Effect, indicating that 613 IT and security professionals felt that deploying resources in the cloud triples the probability of a major breach. Specifically, a data breach with 100,000+ customer records compromised, the cost would be just over $20 million, based on Ponemon Institute’s May 2014 ‘Cost of a Data Breach’. With a breach of that scale, using cloud services may triple the risk of a data breach. It’s called the ‘cloud multiplier effect’ and it translates to a 3% higher risk of a data breach for every 1% increase in the use of cloud services. So if you had 100 cloud services, you would only need to add 25 more to increase the possibility of a data breach by 75%, according to the study.

69% of the respondents felt that their organizations are not proactive in assessing what data is too sensitive to be stored in the cloud and 62% said that the cloud services their companies are using are not fully tested to make sure they are secure. Most, almost three-quarters, believed they would not even be notified of a breach that involved lost or stolen intellectual property/business confidential or even customer data. Not a lot of confidence there. The security respondents felt around 45% of all software applications used by the company were cloud based yet half of those had no IT visibility.

This comes at a time when many organizations are looking to the cloud to solve a bunch of challenges. At the same time, this sounds a lot like the cloud concerns of year’s past – security and risk – plus this is the perception of…not necessarily the reality of what’s actually occurring. It very well could be the case – with all the parts, loss of control, out in the wild, etc – that the risk is greater.

And I think that’s the point. The risk.

While cloud does offer organizations amazing opportunities, what these people are saying is that companies need to do a better job at the onset, in the beginning and during the evaluations, to understand the risk of the type(s) of data getting sent to the cloud along with the specific cloud service that holds it. It has only been a few years that the cloud has been taken seriously and from the beginning there have been grumblings about the security risks and loss of control. Some cloud providers have addressed many of those concerns and organizations are subscribing to services or building their own cloud infrastructure. It is where IT is going.

But still,as with any new technology bursting with light, color and noise, take good care where and when you light the fuse.

ps

Related

Technorati Tags: ,

Read the original blog entry...

More Stories By Peter Silva

Peter Silva covers security for F5’s Technical Marketing Team. After working in Professional Theatre for 10 years, Peter decided to change careers. Starting out with a small VAR selling Netopia routers and the Instant Internet box, he soon became one of the first six Internet Specialists for AT&T managing customers on the original ATT WorldNet network.

Now having his Telco background he moved to Verio to focus on access, IP security along with web hosting. After losing a deal to Exodus Communications (now Savvis) for technical reasons, the customer still wanted Peter as their local SE contact so Exodus made him an offer he couldn’t refuse. As only the third person hired in the Midwest, he helped Exodus grow from an executive suite to two enormous datacenters in the Chicago land area working with such customers as Ticketmaster, Rolling Stone, uBid, Orbitz, Best Buy and others.

Bringing the slightly theatrical and fairly technical together, he covers training, writing, speaking, along with overall product evangelism for F5’s security line. He's also produced over 200 F5 videos and recorded over 50 audio whitepapers. Prior to joining F5, he was the Business Development Manager with Pacific Wireless Communications. He’s also been in such plays as The Glass Menagerie, All’s Well That Ends Well, Cinderella and others. He earned his B.S. from Marquette University, and is a certified instructor in the Wisconsin System of Vocational, Technical & Adult Education.