The Cloud technology is not the cure for all cyber security problems

I jusingle - bigstock-Thunderstorm-Weather-Icon-6591423-st read an article that said—to summarize—that moving your business to cloud technology will solve all your problems. 

If you believe that drivel, then you have a major problem. 

At times I do wish that ignorant managers, executives and business writers would “shut the F up,” because cloud technology is not the panacea that everyone is looking for.

I agree that “cloud technology” can solve a lot of problems. 

Specifically, it can solve problems associated with the cloud.  Cloud storage ensures that your information is protected from on-site hardware malfunctions and can be accessed from any location. 

That’s great, but it leaves a lot of other important considerations out. 

Considering most of the drivel concerning the cloud is being peddled by the cloud technology companies themselves, it is time to take a step back and look at what the cloud will not solve.

Let’s say your business has signed up for a “secure” cloud storage system and uses it to store important data. 

Your cloud environment is never going to be secure:

  • If you use an insecure password (or, even worse, no password) on your wireless access point at work- problem!
  • If you use insecure wireless access points in a café – Problem!
  • If you do not encrypt the traffic between device and cloud – Problem!
  • If you use unprotected hardware and software, or
  • if you use a simple password because you don’t want to change it and you cannot remember it.

Cloud Technology is great when it comes to storage and protection, but you still need to do your due diligence concerning where and how your data will be parked in the cloud.  If you lose your control over YOUR information, then no matter what, you are in for a world of hurt.

Yes, cloud technology is a great solution—for the problems it was created to solve.  But without having a security framework around the way your business accesses the cloud, it will be the most insecure system you could possibly imagine.  Your information is out there, without the additional components of technology, management, adaptability and compliance that you would make use of if you were storing it on a hard drive (or in a filing cabinet) on-site.  The information you’re storing in the cloud may as well be posted on a blog on the internet.

Before you make that move to cloud technology, make sure that all of your other security components are updated and in place.  Only then will you have a secure cloud environment.

Read the Cloud computing Mini Guide

Roger Smith, is an educator. Teaching students at ADFA (UNSW) and showing them how vulnerable they are to cybercrime.

He is also CEO at R & I ICT Consulting Services Pty Ltd, an Amazon #1 author on Cybercrime and founder of the SME Security Framework. He is a Consultant who specialises in inexpensive and highly effective security strategies for small and medium businesses and not for profit organisations.

He has developed and authored the SME Security Framework and the Security Policy Training Course which are considered to be the definitive guides to helping SME's protect their organisation using the principles of Technology, Management, Adaptability and Compliance.

Leave a Reply