Database Reference
In-Depth Information
cloud services led to a global crash. The Microsoft case demonstrates that
even when armed to the teeth with security protection, cloud companies
are not guaranteed to continue providing services. Indeed, the very act
of protection, of adding that extra layer of complexity that needs to be
managed, can lead to a catastrophe. This snafu was not an isolated case.
Cloud companies regularly lose data, and accidental loss, mainly through
deletion, was considered the second most signiicant security problem
facing cloud companies in one survey (Gonsalves 2013).
In another survey of 3,200 companies, 43 percent admitted to losing
iles stored in cloud computers and had to use backups to retrieve them.
Still, almost every company reported at least one failure in the recovery
process. Although a leading provider of security services conducted this
survey, the problem is serious enough to alarm even independent security
experts (ibid.;
Investor's Business Daily
2013). Moreover, the growing trend
to “bring your own device” to the workplace has created major security
problems. Companies might spend millions to keep out hackers only to
ind that their own executives are causing major security breaches because
they use unprotected smart phones, tablets, and laptops in the workplace
(McCarthy 2013). The proliferation of cloud-computing providers is also
a source of security concerns because small, inexperienced companies are
also less likely to provide strong privacy protections, as users of the start-
up Digital Ocean learned when they found other users' data, including
passwords, showing up in their accounts (McMillan 2013). But whether
the cloud company is large or small, experienced or not, it is increasingly
dificult for irms to discard data that clients want deleted. Explained one
analyst, “Companies are losing control of where their unstructured data
are. And if they don't even know where it is, they will not be able to delete
it.” As a result, data that one believes has been deleted actually lives on
to threaten a client's privacy (Palmer 2013a).
Failures like these lead security companies to keep layering systems that
pay for added protection with greater complexity. In the wake of the big
start to the “Year Everybody Gets Hacked,” the Cloud Security Alliance
(CSA), a nonproit organization comprising industry security experts,
released, through its Top Threats Working Group, a position paper titled
“The Notorious Nine,” a collection of threats to cloud privacy and security,
each with a set of protocols to minimize the threat risk (
Market Watch
2013). Following on this, the CSA published a report on how to address
Search WWH ::
Custom Search