Comms-care Blog

Security fears grow with the rise of cloud services. What can IT do to minimise risks?

by Rob Darby

May 20, 2014

Cloud computing continues to dominate the IT landscape- and there’s absolutely nothing that can rival its potential or stop its growth. HP, Cisco and all the other key cloud players are scrambling to support global demand and are investing billions of pounds to create a sophisticated cloud system that can accommodate flexibility, privacy and massive storage requirements.

Businesses already have a plethora of cloud options to choose from and can opt for private or public cloud or even a hybrid of both. The future of cloud will not only include support of all of these options and more, but also give organisations the ease and capability to manage their most complex storage challenges. 

But what about security? Fears of data loss and security breaches loom large. Is there anything IT can do to minimise the risks and assuage people’s concerns? Security breaches and data loss on the cloud has taken its toll on many organisations - both big and small.  The US retailing giant Target is still reeling from its recent data breach scandal.120 million people who used their credit or debit card at a Target store between November 27th and December 15th had their card information stolen. Hackers obtained the data byTarget’s point-of-sale systems by stealing network credentials from a contractor providing electronic billing services and project management services on Target’s systems.

In addition to credit card details, other customer information was leaked – information that was stored on the retailer’s private cloud.  This includes customer emails, home addresses and phone numbers.

Closer to home, organisations are coming to grips with their own data breach scandals- many stemming from cloud security issues.  According to a recent PriceWaterhouseCoopers report on security, the cost of the most serious data breaches in the UK has gone up, with big businesses facing big financial losses as a result.

The public sector is also at risk, with the NHS taking the lead as one of the worst offenders of data breaches.  Recent NHS statistics show that health services lose or breach the safety of 2,000 patient records every day. More than 2 million serious data breaches by the NHS have been logged since the start of 2011.

What can IT do to mitigate these risks? Adopting a security policy is important for internal staff and IT personnel as well as for third party suppliers in the cloud supply chain.  Everyone needs to understand the risks on the cloud. Ongoing management of contractors, implementing service-level agreements (SLAs), and a regular review of their security credibility through onsite visits are also important Cloud services and cloud platforms are now an undeniable part of the IT landscape and so are security breaches. Everyone in the supply chain must do their part to identify security gaps and to mitigate risks- or face the likelihood of serious financial losses.