Cloud-Based Data Hosting: What’s It Really All About?

Cloud hosting services bring to mind all sorts of idioms:

• “Every cloud has a silver lining.”
• “Get your head out of the clouds.”
• “I’m on cloud nine.”

However, none applies to the latest iteration of “cloud.” Despite the fact that just about everyone is using the latest cloud technology these days. From access to software programs, to enhanced computer power, to a seemingly infinite depository for data, cloud based hosting is gaining traction.

In order to give you the full scoop on this relatively new resource, we put together some facts to consider about cloud hosting services.

The Dark Sides of Cloud Data Storage

Using a cloud based database means sharing cloud space with many others. It also means handing off the responsibility for safeguarding information. Anything from mechanical failure to poor management may cause devastating problems. However, there are several cloud “biggies” most businesses fear.

Cloud Database Threats from Within

Data security is only as good as the people providing the storage space, which is particularly troubling considering where many threats originate. Security breaches often occur because of an action taken by someone on the “inside.”

Researchers at Pittsburgh’s Carnegie Mellon University considered three different types of insider cloud database security breaches.

1. The Rogue Cloud Provider Administrator usually goes after confidential information, often for monetary gain, although destroying infrastructure may also be a motivation. Their actions harm both the cloud provider and client companies.
2. The Exploiting Employee works for a client organization, finds, and then uses some vulnerability in the cloud based databaseto steal data. Sometimes they take information to sell, other times they use data for advancing their own career.
3. The IT Infrastructure Insider Attacker uses the cloud as the apparatus for committing the attack, rather than attacking the cloud itself. Actions might include using the cloud’s power to unlock password accounts, configuring cloud storage for easy future access by them, or even damaging the company’s infrastructure.

Breaching a Cloud Based Database Through Cyber Attacks

On an almost weekly basis, new cyber threats arise. Cloud providers work constantly at developing and augmenting security measures. However, keeping so much valuable data in one place makes the cloud a cyber-attacker’s dream come true.  Relentless in their pursuit of methods for breaking into secure data, many use an account name and password from a single entity to gain access.

Different types of attacks abound. Alert Logic, a security provider, reports that brute force attacks seek out credential failings en masse. Vulnerability scans look for weakness in applications, services, an elsewhere.  Malware botnet attacks in the cloud steadily increase. No matter the method, once in, chaos becomes a distinct possibility.

Big Brother Watches Over the Cloud

Data servicesare also vulnerable to government incursions, and not just those from other countries. Using the internet implies an understanding of possible security risks. However, in a country whose constitution provides privacy rights, and whose judiciary has repeatedly upheld those rights, the idea of government agencies accessing data whenever they desire disturbs many people.

The fact that the April Fool’s joke site NSA-Cloud was taken seriously by even a few people illustrates current assumptions about government incursions into our data. The site “offers” free, unlimited storage of all personal data, such as electronic payments, private pictures, and medical records and promising (or threatening), “Everything you thought you had deleted or lost forever – we still got it.” The site includes an apology of sorts about the lack of data export, deletion, and sign out abilities, and ends with a cheery, “For your own convenience, we already signed you up!”

People do not store information in a cloud database with the intention of sharing it with everyone else, so, between the development of privacy protection programs and court cases, along with continued media reports should make the coming years interesting ones in terms of privacy rights.

Looking on the Bright Side

Hosting data in the cloud offers simple access to huge amounts of data, along with various software programs. This means lower hardware expenditures for many companies. It also means assigning data storage and security to an outside provider, freeing up resources for companies to work on what they really need to do, and permits work on a project by multiple people. In short, the cloud is a great thing, but one requiring careful monitoring.

SOURCES:

http://www.developer-tech.com/news/2014/nov/26/heads-cloud-why-we-keep-our-data-ground/.

http://www.technologyreview.com/news/425970/who-coined-cloud-computing/.

http://www.businessnewsdaily.com/5215-dangers-cloud-computing.html.

http://www.pcmag.com/article2/0,2817,2372163,00.asp.

http://resources.sei.cmu.edu/asset_files/WhitePaper/2012_019_001_52385.pdf.

http://www.darkreading.com/attacks-breaches/how-cybercriminals-attack-the-cloud/d/d-id/1139618.

http://www.computerweekly.com/news/2240219265/Cyber-attacks-move-to-cloud-with-adoption-report-shows.

http://www.npr.org/blogs/alltechconsidered/2013/10/02/228134269/your-digital-trail-does-the-fourth-amendment-protect-us.

http://arstechnica.com/information-technology/2014/10/taking-back-privacy-in-the-post-snowden-cloud/2/.