By Praveen Kannan and Anna Strokolyst The Hotspot Shield team believes the internet should be open and secure …
Understanding the Strength of the Cloud
Many companies who turn to cloud storage do so with the assumption that the cloud is better protected from outages, disasters, and other events that can lead to data loss. This is true under the right circumstances, but those who don’t properly leverage the capabilities of the cloud end up just as vulnerable as those with information at a local datacenter. To keep data safe on the cloud, companies must utilize geographical redundancy. This means that their information is duplicated and stored at multiple points throughout the provider’s system.
Properly Utilizing Cloud Storage
When information is stored on the cloud at a single provider facility, it is just as vulnerable as information maintained at a local datacenter. The cloud, despite its name and associated imagery, is nothing more than a series of datacenters, rooted very firmly on the ground. It is only the presence of widespread redundancies that keep information safe from outages and other local events.
You can keep information secure by opting for cloud storage, but it’s important that you ensure your data is stored on a large-scale cloud with extensive redundancy. The best way to keep information safe is to duplicate it over a wide geographical area that spans several cities, states, and even countries.
Political Threats to Global Cloud Storage
The Leviathan reports caution heavily against the dangers of localization. In the face of governments who try to limit global Internet access and those calling for national Internets that are walled off and theoretically protected from international threats, it’s important to point out the value intrinsic in global communications.
Egypt’s government unintentionally highlighted many of the flaws in this type of thinking when it attempted to ban access to the global Internet in 2011. Providers outside of Egypt quickly provided dial-up Internet access while the Speak2Tweet service allowed Egyptians to leave voicemails that were converted into Twitter posts. The Internet quickly finds ways to work around censorship and localization, and new laws will not thwart the lawless.
Rather, globalization is a core strength of cloud computing, protecting data from widespread national disasters. Leviathan CEO Frank Heidt warns that localization would be a major change that would “harm both businesses and the general public.”
Maintaining Data Security
Data security is a major concern for those considering cloud storage. Since multiple companies store data with a single cloud storage provider, it’s a given that the cloud is a massive space. A single chink in its armor has the potential to threaten not only one company’s information, but many. There are also concerns about the cloud provider itself accessing clients’ data.
Many cloud storage companies provide zero knowledge services to allay this fear. A zero knowledge vendor encrypts all customer data and ensures that only the client has the key. However, a study by researchers from Johns Hopkins University pointed out that if information is not only stored on the cloud but also shared via this same service, the vendor again has the opportunity to view it. Though they found no evidence of such a breach, the study pointed out that even zero knowledge vendors are not completely secure.
The Leviathan report, however, does not address any of these common concerns about cloud security. Rather, it points out that attacks are inevitable in any organization. It goes on to demonstrate that cloud systems are better equipped to secure data than a localized storage provider.
Supporting Maintenance Activities
Assuming that any organization’s information can face a potential attack, the issue becomes whether a cloud is better equipped to handle said attack. Leviathan describes data storage as “an environment of a continuous war of attrition in which the attackers are many, and the defenders few.” It is true that a number of security and safety measures are essential to protect data on the cloud or in any data storage facility. This includes security patching, frequent updates, changes in network devices, and perimeter rules changes.
Maintaining secure data storage is costly, complex, and time-consuming. It requires extensive resources and knowledge. While some companies are equipped to provide this on-site, others are better served by essentially sharing security resources with other clients who use the cloud storage service. For most companies, cloud computing is more cost effective. It eliminates the need to make major upgrades to devices when technology becomes outdated. It also relieves some of the intense pressure for companies to find, hire, and retain qualified cybersecurity personnel.
Hiring Challenges in Cybersecurity
Worldwide, more than a million cybersecurity positions go unfulfilled according to Leviathan’s report. This worldwide shortage presents a significant challenge for every company with valuable information to protect. The shortage presents problems not only nationally, but also internationally. For every cybersecurity expert imported from another country, there is a gap left in their country of origin that prevents them from fully utilizing their own security resources.
Leviathan’s report suggests that while there are many long-term solutions underway to address this problem, perhaps the best short-term option is to share security experts. Cloud storage facilitates such sharing by building global networks. With a limited number of cybersecurity experts available, one of the most reliable ways to gain access to this knowledge and its benefits is to use a cloud computing service that can share its security infrastructure with several clients around the world.
While cloud storage is far from a flawless option, it offers many benefits that companies simply can’t match with localized data storage. Understanding the potential threats, however, can equip users to select reliable cloud storage services that will protect their data to the best of their ability.