Cloudy with a chance of hacking

Straight Tech is published regularly in The Coastal Journal

The IT industry continues to evolve rapidly, with new technologies and solutions emerging at every turn. Right now, cloud computing is a buzzword, and I am often asked, “What is it?” and “Is it secure?” With the recent exposure of provocative photos featuring well-known celebrities, the focus once again turns to cloud data protection.

Cloud computing is a marketing term for data and applications delivered as a service, rather than owning and maintaining the systems yourself. The benefits are mainly cost and availability – because the services are typically delivered over the Internet, you have access to information wherever you are. And because you are only paying for the service, there is little capital cost to enjoy the benefits of a robust, reliable system.

Most reputable providers have spent hundreds of thousands of dollars building infrastructure to deliver these services reliably, providing you the benefit without the expense. But when you store information on a system that’s maintained by a third party and exposed to the Internet, you are banking on the provider to have adequate security and business practices to protect your information.

If you own a business and store business data to a cloud service, you need to understand any regulatory requirements (such as HIPPA or PCI DSS) that you and the provider are required to follow. In order to determine this, you should look closely at the company providing these services to make sure it has the proper compliance pieces in place relative to your business.

While the list of cloud services is growing, I have selected three primary cloud computing areas to describe: File storage, applications and email.

File storage – Probably the most widely used service is cloud file storage. The ability to store and access your data from anywhere has tremendous benefits to productivity. Google Drive and iCloud are popular services for this. If used properly (good passwords, safe computing practices and a secure computer to access them), they are very safe.

However, we recently saw that a celebrity had her account hacked. It’s been determined that the hackers simply reset the account password by answering the security questions posed during the “forgot my password” process. This is a common practice. It’s important to not only use secure passwords, but use information not easily known or obtained for your security questions.

Applications – Applications such as accounting software, customer relationship management (CRM) and electronic medical records (EMR) are some examples of cloud applications. Again, we see the productivity gains and cost savings of using these services. These solutions also scale easily, allowing you to grow without having to upgrade your infrastructure – simply purchase

It’s important to consider the drawbacks, such as reliance on a functioning Internet connection to access the information or industry regulatory requirements. I’ve also seen cases where a company terminates the relationship with a provider, only to learn that the data will be returned in a proprietary format (unusable or costly to recover).

In addition to following the security practices mentioned above, scrutinize the contract with your provider to ensure you will still own your data. You may also want to consider a second “backup” Internet connection using a different provider.

Email – Email is critical to many businesses, and personally I use email for communicating with family and friends regularly. It’s important that my email works all the time. This is where cloud computing really shines.

It would be cost prohibitive to build the infrastructure necessary for a truly fault-proof email system. Cloud providers use multiple redundant servers, making any downtime minimal (versus one server at your business that could fail and cause downtime immediately). Email is filtered for spam and viruses before reaching your computer, typically by multiple systems. Engineers work 24/7 to ensure these systems are functioning properly and securely. Reputable providers also back up their systems so data loss is not an issue. As for security, in addition to following the practices mentioned earlier, it’s a good idea to not store or send passwords and other sensitive information in email.

While cloud computing has great potential for any business, its important to work with someone knowledgeable to understand the best approach. Practicing safe computing and using a reputable provider will help keep your data safe and secure.

Posted in

Matt Rice, CTO

Matt is a graduate of Central Maine Technical College. He has been with Burgess since 2001, acting as Service Manager, then General Manager, before becoming an owner. Matt focuses on developing and delivering technologies that fit best with customer needs.

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *