caution - internet security and the cloud - risky businessthe externalities of a booming business

Have you ever checked the balance of your bank account on your smart phone? Ever downloaded a PDF from Dropbox on your tablet or PC? Chances are you answered one of those questions yes and if so, you've been in the cloud. We've all heard the term 'cloud'. It gets thrown around a lot and it's safe to say that it has probably become more of a marketing buzzword than anything, but it's a big business nonetheless and one that impacts our daily lives a lot more than we may realize.

But for every convenience that cloud based products and services have added to our lives, they've added an additional amount of risk in the form of information and identity theft. The more and more of our lives we pour into internet based products and services the more and more of our lives are exposed to the internet. If we've learned anything from the internet since it's creation it's anything but safe especially for information that has value to criminals. 


1. what is the cloud exactly?

(hint: if you know what the cloud is, skip this first section...)

Storage

This is big question but I think it's most easily explained by breaking down the cloud into 3 sub categories and addressing it on a simple level first. In it's most basic form, the cloud is internet connected data storage that is accessible on the open or private web. Simple as that. Hard drives housed in data centers connected to servers that store data and servers that push that data upon request.

The concept of the term 'cloud' fits nicely in the sense that data can be pulled from the hard drives on servers and pushed to any device no matter where you are. Combine that with the advent of internet being in your pocket now (mobile devices and cellular data) and the term 'cloud' fits better than ever. Pulled from the 'cloud', onto your device, wherever you may be.

mobile cloud - internet security and the cloudStorage plus Software

Add software to the mix and we add another layer of complexity to the definition. Take Dropbox for example. At it's heart, it's nothing more than what we described above. Massive amounts of internet connected storage. However, Dropbox fits the term 'cloud' perfectly by applying software to the mix. Dropbox has desktop software for Windows and Mac to access this storage on any PC. They also have mobile apps on every major mobile platform (iOS, Android, Windows phone, etc) so you can access your data wherever you are. They have merged device based software with massive amounts of storage for the perfect cloud based business.

Software

There are also cloud services that are simply software based instead of storage based. 10 years ago, if you wanted to use software, you'd have to purchase a license and install the software on every computer you wanted to use it on. It may be internet connected software, and even use a cloud based storage system to share information across the platform's users - but in the end, the software is still on the computer using it (I.E. your PC or Mac).

Fast forward 10 years, and introduce cloud based software. No longer do you need to install the software on the machine using it. Simply type in a URL into a web browser and the same software platform that was previously stored and installed on your PC is now stored and installed on a server in the cloud. This allows the user to use it and access it wherever they are - at the PC or on a tablet or mobile device using an app adding a level of convenience never before seen as well as freeing up large amounts of storage on local machines.

Is your website safe from cyber threats? >>>>>

2. the risks of cloud based data

The risks of cloud based data are inherent because of the very nature of how the data is stored and accessed. Let's rewind the clock again 10 maybe 15 years.  A huge amount of all data in world was stored on individual computers (and their hard drives) located in people's homes or on their laptops. We refer to this as 'local' storage. The only time this data was ever really 'at risk' was when that computer was logged on to the internet - and before broadband based internet connections, there was very little risk of individual machines being hacked and very little reward for doing so. Maybe you kept financial information on your personal computer - no problem right? Back then, you were probably right to feel safe.

Fast forward again, and the game has changed. Instead of keeping all that financial information on an individual computer, there are cloud based services where that data is held. Mint.com for example, a cloud based financial management application recently purchased by Intuit. Convenient right? You can now access your savings plans, check your credit, look at account balances and statements, and move money around anywhere you are on your smart phone, tablet or on any computer. Cool right? Yes, but risky.

internet security and the cloud - risky business - mobile cloudWhat we as a society are just starting to realize is that by consolidating all of this data in one location, the rewards for accessing this database/server pool are greater than ever making these cloud services major targets of internet based attacks and hackers. Instead of having to hack one PC at a time to search for valuable information, we've all poured our lives into apps like Mint making it easier for hackers to locate that information.

It's also not just individual users, banks have done it too. Think about online banking. We don't really think of it as a cloud service because it's free with an account at any major bank, but a cloud service is exactly what it is. All your account information, account numbers, balances, statements, and credit information stored on servers allowing you to access it from any web browser on any device.

As you can see, the risks of cloud based data come largely from the very nature of cloud based services; consolidated data pools of thousands of individuals' sensitive information.  We've created YUGE targets for data thieves and hackers in which the rewards are gigantic. That's why when these breaches happen they are able to come away with millions of individuals' personal information that can in turn be used for essentially some form of identity theft (opening a credit card in your name, using your financial information to make purchase, etc). 

 

Check out these other great posts on digital security!

  1. Another lesson learned from the Yahoo! hack
  2. Google's Chrome will start flagging websites without SSL

 

3. A new wave of digital security demand

Needless to say, the recent bout of data breaches on some of the largest internet companies has spurred an increased demand for greater web based security technology. The big question is, are there companies with services out there that can actually handle the demands of these larger cloud based services - and that remains to be seen.

However, it will be very interesting over the next few years to see some of the bigger players in the industry try to step up to the plate. There is little doubt that some of these companies are currently employing some serious digital security measures in the form of both hardware and software and data breaches are still happening. 

There is also a human factor to this game. The best security hardware and software in the world can't help you if some of your high ranking company personnel are using the password '123456'. Password's being compromised are still responsible for a gigantic number of all hacks that take place. Hackers don't need advanced software and malware if you can simply use the account password to get the information they need. Along with better digital security in the form of hardware and software, cloud and internet based companies are in great need of better practices and policies regarding security information, password resets and use, and how these credentials are stored and shared.


 

convenience vs risk

It really comes down to this: how much risk are we willing to take on for the convenience of cloud based services? With every week that goes by and every new data breach that takes place (among some of the largest internet based companies in the world!) we take a look at our own digital lives. We asked ourselves, what information am I putting on the internet? What files do I have on Dropbox that could be sensitive? What am I putting in my emails that could put me at risk if my account were compromised?

These are good questions. Cloud services are very very useful. They've allowed us to share data at an unprecedented rate. They've added an unbelievably large amount of convenience to our lives helpeund us become more productive. However, unless digital security can keep up with the constantly evolving cyber attacks on these services and the components they use we are going to lose faith in the safety of cloud based services. That will have a lasting impact on the growth and success of the industry and thus the utility we can derive from it.


website security, cms, wordpress, drupal

 

About the author

Steven Milne

I'm Steve and I'm a co-founder and CFO at Digital 1. I am responsible for helping companies grow through lead generation anchored by Inbound Marketing. I also have a background in digital and cyber security. I very much enjoy writing and blogging at Digital 1. I love helping companies realize their website's potential. It's always so satisfying to see their online presence expand and generate business essential to growth.

Subscribe to our blog!

NAVIGATION

Subscribe to our Blog!

digital-one-logo-horizontal-black-and-white-copy-2-4.png© Copyright 2016 Digital 1

Digital 1 - Digital Inbound Marketing. Digital Security