Cloud computing is now the predominant source of users’ computing – for both personal and business needs. People store photos, documents, and work projects and tasks in the cloud versus using traditional networking services. This increased reliance on cloud computing also poses alarming risks pertaining to outsider access that potentially harms the end user. The risks of cloud computing are on the rise, in particular, with threats targeting data and privacy.
The Threats and Risks of Cloud Computing
In the not-so-distant past, leading technology companies suffered significant breaches. The LastPass breach, for instance, is particularly alarming. The online technology company, which stores and manages users’ passwords for a variety of accounts, experienced a breach that accessed its customers’ personal accounts. This prompted an urgent outreach to inform customers to change their passwords to prevent hackers from obtaining their sensitive information. Outsider access to critical information leads to numerous ramifications, including these potential risks of cloud computing:
- The loss of data including intellectual property, passwords, banking information, and other sensitive data that no one desires others to access.
- Exposing confidential information that leads to regulatory and legal actions against an enterprise, such as violating HIPAA or FERPA.
- Insider theft. For example, when an employee stores confidential information in their personal cloud and uses it after leaving employment for another business.
- Malware and ransomware attacks, such as Spectre and Meltdown. The City of Atlanta lost access to its city services due to a ransomware attack that led to a massive shutdown of the city infrastructure.
- The loss of customer trust. Customer turn skeptical about a company’s ability to secure their data in the future after a breach occurs. This lack of trust also negatively drives down revenue and customer retention.
Advice for Protecting the Cloud
- Craft a strategy with cloud computing and enforce it throughout an organization.
- Design a target architecture. “Taking a long-term view of technology architecture principles and standards will help ensure inoperability, data integration, security as well as controls across internal and external providers.”
- Identify the risks of cloud computing and strategize a governance model to share with employees.
- Establish vendor due diligence and guidelines.
- Engage in performance management and consistently monitor the cloud for any performance issues and security breaches.