Cloud computing may not be suitable for business-critical applications
Cloud computing could bring security threats
23 Feb 2009, Angelica Mari, Computing
http://www.computing.co.uk/ctg/news/1822588/cloud-computing-bring-security-threats
Cloud computing may pose serious data security threats to businesses wanting to save on software licensing and support services, according to City law firm Reynolds Porter Chamberlain (RPC).
Despite the cost saving potential offered by taking data storage and applications online, the use of cloud computing may lead to breaches of the Data Protection Act (DPA) by businesses and their information security obligations to clients, the law firm warned.
"A company choosing to outsource their data storage risks claims being made against them by their customers if data held by the host server becomes unavailable during an interruption or outage, or even lost," said Alex Hamer, partner at RPC.
The likelihood of service interruptions also raises concerns over use of the cloud for business critical applications, said Hamer, who points out that the cloud computing community has received reports of 14 outages and consequent lost data and security issues in 2008, an increase from just one in 2007.
"As most cloud computing service providers will not guarantee the security of the data they store, this may put cloud computing users in breach of their requirements under the DPA to ensure an appropriate level of security," said Hamer.
"Companies regulated by the Financial Services Authority are required to have adequate risk management systems in place, and any failure to comply could result in a considerable fine."
Reader comments
© Incisive Media Investments Limited 2012, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093
Flying into the clouds
The benefits of cloud computing are indeed compelling, creating a centralised method to access shared data, significantly lowering costs and reducing data centre space, power and cooling. However, organisations must realise that accountability for valuable business data cannot be as conveniently outsourced.
Companies could be exposing themselves to a business continuity disaster. In many ways cloud computing resembles the Application Service Provider (ASP) model that was prolific prior to the dot-com crash, and a lot of those providers are no longer around.
We must remember that management will always be responsible for protecting company and customer data. It is therefore essential when moving towards cloud computing that businesses consistently ensure the health of the cloud-provided services. This includes gaining complete confidence that the cloud provider is a viable, stable business with assurances and protections, such as comprehensive risk and security defences in place, to safeguard business data.
Alongside guarantees from the provider, businesses must also ensure that they have an alternative strategy in place in the case of any disruptions or loss of connectivity to the cloud-based service. This includes awareness of any of the provider?s fallback plans and commitments that may jeapordise valuable information. Businesses also need to bear in mind that any interruptions to cloud computing providers may have to be dealt with on both a short- and long-term basis, depending on the nature of the disturbance.
Whilst the benefits of moving to the cloud are evident businesses must be aware of what they are getting into, and be able to mitigate the risks.
Yours sincerely,
Andrew Heather
General Manager, EMEA
Tripwire
www.tripwire.com
Posted by: Andrew Heather 24 Feb 2009