Today, we’re talking about security. It’s arguably one of the biggest concerns when considering Cloud deployment, with failure to ensure it potentially having far reaching consequences.
This post is especially timely considering the Ashley Maddison data breach that has been the focus of media attention since news of the hack broke on July 21. Included in the data since dumped online is the highly sensitive personal information of Ashley Maddison’s more than 30 million users, such as names, email and postal addresses, credit card details and content of personal messages exchanged on the site.
While the legitimacy of the data has been called into question, for example as former British Prime Minister Tony Blair’s email is one of those registered to the site, there has been serious fallout. Politicians and members of the Vatican and US Armed Forces are among those who have had their details exposed, as well as ordinary individuals, who through the collation of data by the internet savvy have since been able to be easily searched by curious or suspicious partners.
The Ashley Maddison example is but one in a series of huge data breaches that have taken place in the past 10 years. While the latest hack has been the focus of continuous media coverage, perhaps due to the sensitivity of the content, it is far from the largest. In 2014, for instance, an estimated 145 million eBay users had their names, addresses, dates of birth and encrypted passwords exposed (Information is Beautiful, 2015).
Given the increasingly sensitive nature of the information trusted to the Cloud by companies and individuals alike, security is a growing focus and source of concern. This is quantified through estimates by research firm Forrester that organisations will spend approximately $2bn on data protection over the next five years, up from around $282m currently (Ranger, 2015).
So, what should you do to protect yourself and your data? We have previously mentioned utilising only a private Cloud, and ensuring your data is located in Data Centres in Australia with private access links (links that do not go over the Internet) between your office and the private Cloud. When it comes to applications that need to face the Internet, such as email or web servers, it is also recommended that you secure the site by only opening the required “ports” and using strong passwords.
Unfortunately, it is not possible to completely guarantee security as it is a fact of life that the unexpected can happen. This being said, if you ensure high standards and maintain a commitment to securing yours and your organisations’ data, you will minimise the likelihood that you fall victim to breaches.
Information is Beautiful, 2015, World’s biggest data breaches, http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
Ranger, S, 2015, Why security is your next big, expensive, headache, http://www.zdnet.com/article/why-cloud-security-is-your-next-big-expensive-headache/
How did we do this week?