Cloud Computing Risk ~ Some Notes..

Cloud computing is good for business but it comes with risk.  You know those commercials for medicine that pop up on your television?  The ones that tell you how beneficial the medication is until the last 15 seconds of the 20 second commercial.  At least it feels that way.   After they get through the one benefit they list a bunch of things that will harm you

How about when you buy a new car?  Or you need financing for something?  You hear all this benefit then someone speaks in fast ways that you can’t even understand but if you slow it down you hear that they will take your house, your car, your wife and kids and the family pooch!

Still reading?..  Cloud Computing = Trust (not trusted computing) but TRUST.

What are the risks associated with trusting a company that in some cases you aren’t paying?

Below are (SOME) minor examples, skip by this if you just want to keep reading.

  1. http://www.bgr.com/…/dropboxsecuritybreach-stolen-pas…Share
    by Dan Graziano – in 97 Google+ circles – More by Dan Graziano

    Aug 1, 2012 – A couple of weeks ago, Dropbox users began to complain about receiving spam in email accounts created exclusively for the service.

  2. mashable.com/2012/08/01/dropbox-brief/

    Aug 1, 2012 – Dropbox Confirms Security Breach, Facebook Gets a Surge of Mobile Users.

  3. http://www.engadget.com/…/dropbox-confirms-securitybreach-new…

    Aug 1, 2012 – Dropbox has admitted that spam reported by its users over the last few weeks was the direct result of a security breach. Both login names and 

  4. Aug 1, 2012 – Online storage service Dropbox has given details of a security breachthat led to many of its members receiving unsolicited emails. A stolen 

  5. http://www.eweek.com/…/Security/Dropbox-Password-Bre
    by Wayne Rash – in 417 Google+ circles – More by Wayne Rash

    Aug 3, 2012 – NEWS ANALYSIS: While cloud service providers try to ensure their offerings are reasonably secure, they usually fail in this basic requirement

http://www.huffingtonpost.co.uk/…/dropbox-password-breach-leak_… Aug 1, 2012 – Dropbox has become the latest web service to suffer a huge security breach. Thousands of users had their usernames and passwords stolen 
More Problems for Amazon EC2 Cloud » Data Center Knowledge
http://www.datacenterknowledge.com › Downtime Share Jun 29, 2012 – Amazon Web Services is reporting more service problems this morning for some customers of its EC2 cloud computing service. Amazon has 

Box.com Security Issues For Personal Accounts » TechLogon 
techlogon.com/…/box-com-securityissues-for-personal-accou…Share
Mar 9, 2012 – Two issues about the level and type of security Box offer to free Personal  Box.com (formerly Box.net) are a major online backup service, ..
__

What does this mean to you?

Since I am talking about cloud computing in general it can mean a whole lot of things but for the sake of keeping this blog fairly reasonable,  I will just address some basics here.

When YOU put YOUR information on the internet and you hand it over to a “trusted provider” realize what that means.  For most of us, it means that you are willing to lose that information or share it.  The provider **CANNOT** guarantee the safety of that information.    I  am not picking on Dropbox by the way but here is their language “

Dropbox is Available “AS-IS”

Though we want to provide a great service, there are certain things about the service we can’t promise. For example, THE SERVICES AND SOFTWARE ARE PROVIDED “AS IS”, AT YOUR OWN RISK, WITHOUT EXPRESS OR IMPLIED WARRANTY OR CONDITION OF ANY KIND. WE ALSO DISCLAIM ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. (We are not shouting- it’s just that these disclaimers are really important, so we want to highlight them). Dropbox will have no responsibility for any harm to your computer system, loss or corruption of data, or other harm that results from your access to or use of the Services or Software. Some states do not allow the types of disclaimers in this paragraph, so they may not apply to you.”

__

Oh Google my Google.. same type of thing or Amazon.. or ANY OF THEM.

Bottom line is that even if you PAY for services you are at risk.   From a business perspective you must consider how to manage and lower your risk by taking measures legal and technical.

For the government or government workers I think there are a lot of other considerations that have to take place.

Oh Howie!!!! You worry too much… 

  1. UK data breach reports rocket 1000% in just five years Computer Business Review‎ – 3 days ago Figures reveal a huge increase in self-reported data breaches, with local government bodies being the worst culprits.
  2.  Imation shines light on scale of NHS data breaches IT PRO‎ – 1 day ago
  3.  Data breaches 10 times worse, say ICO figures BBC News‎ – 2 days ago
  4.  UK data breaches up 1000% in five years  www.net-security.org/secworld.php?id=13504 3 days ago – According to the data, local government data breaches have increased by 1609%, with the next largest increases coming from other public 
  5.  Dark Clouds Over Technology: Pondering  – Government Technology  http://www.govtech.com/…/Dark-Clouds-Over-Technology-042212….Dark Clouds Over Technology: Pondering Action After Recent State Government Data Breaches. April 22, 2012 By Dan Lohrmann. Over the past few weeks, 
  6.  Breaches Affecting 500 or More Individuals  www.hhs.gov › … › Breach Notification Rule As required by section 13402(e)(4) of the HITECH Act, the Secretary must post a list ofbreaches of unsecured protected health information affecting 500 or more 

Is it worth the RISK?

If your answer is ” I don’t know” then you have a problem.

If your answer is “yes” then you should have some analysis to back that up.
If your answer is “no” then you should have some analysis to back that up.