By Ogunleye George
Cloud computing refers to outsourcing data once stored on privately owned computers; this is now the hottest IT trend in the business world, their reason for tapping into cloud power boils down to cost-cutting and convenience.
This allows companies to shed expenses on IT infrastructures by reducing the amount of hardware and software they need to purchase and maintain to process and store information.
The basic tenet of cloud computing is that the responsibility of maintaining the software, database etc is no longer in the hands of the user or business owner, but is relegated to a third-party.
The concept of Cloud computing further strengthens the idea of Ubiquitous computing enabling a real-time global sensing, informational retrieval, and multimodal interaction with the user and enhanced visualization capabilities. In effect, gives extremely new and futuristic abilities for user to look at and interact with at any time and from anywhere.
However, potential security threats to virtualized computing environments are complex as most client of cloud computing have no idea who is managing the computers with their information; no idea of where their data are; no idea what protections may or may not be in place to make sure their information is not stolen or disclosed or that it does not accidentally disappear.
Lately, cloud-based services have been taking a bit of a beating. Sony’s PlayStation Network got hacked and was offline for more than six weeks. On April 21st Amazon’s EC2 cloud-based platform fell over, since many tech sites use EC2, they had the knock-on effect of taking down services such as Reddit (social news website), FourSquare (a location-based social networking website for mobile devices) and Quora. Few days ago, Visa and MasterCard warned banks of a potentially massive breach of payment card information which could affect over 10million customers.
The large contentious question is thus: should very sensitive HR data reside on the Internet?
Knowing that these firms are fully aware of the legal implications of losing customer’s; deep facts favours wise use of keeping data on vendors’ servers operating on the Internet or “in the cloud,” and not on a company's computers but truth be told, it’s a very risky practice, as it sends a “store your data at your own risk” message across.
Cloud hosting takes up less space thereby saving companies cost of implementing and maintaining expensive technologies. Software-as-a-service (SAAS) or in other words, “cloud computing” offers “renting” rather than buying of software to house information such as payroll, benefits or recruiting data; this conveniently lifts off IT maintenance burdens.
Cloud computing makes an IT investment more efficient, flexible and faster and allows access to data anytime, anywhere, any place and with any electronic device.
Having ubiquitous access to that data make that data more prone to theft and exposes it to threats.
Cloud storage solution that relies on a password to access your data can have its passwords hacked. However, it is advisable to choose a password that is difficult to hack with dictionary attacks, and also regular change of password help reduce the chances of success from brute force attacks.
Data en route to a cloud server can be captured; however, most storage services will encrypt the data on transit, making it impossible to read even if the file is captured. If your cloud storage works through a Web app, look for "https" instead of "http" in front of the URL in your browser's address bar. That extra "s" indicates the form is using secure HTTP.
If you have a standalone cloud storage app installed on your computer, check to be sure that app uses some type of encryption for its Internet exchanges.
Cloud service models include:
Infrastructure as a Service (IaaS): takes care of support operations by providing model in which client services and equipment are housing, ran and maintained.
Platform as a Service (PaaS): provides computational resources through the platform such as Operating System. PaaS is built upon the principals of Infrastructure as a Service by providing an environment where applications can be built and deployed in a secure, rapid and high quality manner. This eliminates the hardware dependency and capacity concerns.
Software as a Service (SaaS) is the simplest form of cloud computing. It covers the implementation of specific business functions, customized business applications, etc. It reduces the hardware and licensing cost..
When computing is outsourced, control of security measures is also relinquished; thus eradicating the responsibility of the business owner. This is not a viable ethical practice especially for financial institutes which in most cases are the highest patronisers of cloud computing.