With cloud computing continuing its journey as arguably the dominant technology of the current era, so too the way we use it and manage its capabilities continue to evolve. The cloud has given us new ways to think about lots of traditional IT habits and practices, and as more and more data finds its way into the cloud, this extends to subjects like business continuity, disaster recovery and general data security.
Conventional data storage and business continuity wisdom always revolved around having safety net systems in place in an offsite location, there to provide essential backup in the event of unforeseen emergencies. The offsite physical systems – basically server farms – would pick up the load and keep an organisation’s processes and operations flowing with the minimum of disruption.
Today the cloud offers a more flexible alternative, giving organisations virtual backup locations that are remote, safer than physical locations (which are often not sufficiently far from primary sites to be considered truly secure), and significantly, the ability to access all that data from absolutely anywhere.
Big data needs big storage
The fact is that with so much data being generated by so many organisations and users, storage and security simply have to become critical business issues. Ninety per cent of the total data in the world today has been created in the past two years, and 2014 and beyond will see us generating exponentially larger levels of data. The government of Australia has put its Public Service Big Data Strategy in place, and 62 per cent of organisations throughout Australia and New Zealand now say that they have implemented a big data strategy.
Traditional IT and telecommunication providers has committed billions of dollars of investments to expanding their global cloud data centre operations, further evidence of the value organisations are seeing in leasing storage, backup and other services from specialist third-party providers.
The security need
So with more data comes greater threat of attack and greater need for security. In recent times, large-scale hacks like that experienced by a large retail chain in the USA – where data belonging to more than 70 million customers was lost – and the loss of around 3 million customers’ data from a well-known IT organisation have underlined how essential data security has become as a business issue.
Recent research estimated that global cyber crime now costs around $400 billion per year, a frankly enormous figure. Australians were hit for around A$1.4 billion in fraud in 2012, including credit card and online transactions. These breaches prompted the Australian government to act, with new privacy legislation on its way in, something that seems like a logical move as more and more data is stored in the cloud.
The shift that the cloud has made from being a ‘new technology’ to simply being something that people use as second nature has meant a change in the way hackers approach security breaches. As the technology evolves, so do the tools with which malicious third parties attempt to attack it. Social media attacks and account hacks are now more commonplace than ever, with 2013 seeing major strikes on global “brand” organisations.
With security breaches and hacking techniques becoming ever more sophisticated, cloud security measures need to be beefed up and organisations increasingly vigilant. The perimeters that we need to protect have changed beyond recognition, meaning organisations need to adapt. We’re no longer talking about protecting a circle of wagons at ground level, within the corporate network – we’re talking about a much bigger, wider world which carries more threats than ever.
The financial imperative
As with many disruptive technologies, cloud-based storage has cost implications. And like many technological advancements of recent times, it’s also about OPEX versus CAPEX. Cloud storage offers cost and set up benefits to organisations, since it is faster and easier to put in place and bring online and simply less expensive to operate. And with IT budgets shrinking but the same levels of performance and reliability still required, OPEX will continue to grow in popularity.
The cloud, and its lack of need for organisations to have expensive, dedicated technology sitting in physical locations, brings significant cost implications. The shared environment nature of the cloud means that initial investment, CAPEX, can be hugely reduced while the most cost-effective, continuous model, OPEX, can be employed. OPEX also offers organisations greater flexibility, letting them scale up or scale down their cloud security requirements as they need – something that is important as operational locations change, workforces grow or shrink and mobile devices continue to proliferate in the work environment.
The Asia Pacific region has recently become the world’s leading cyber-attack target. One reason is that the region has three of the world’s top five patent offices carrying 45 per cent of worldwide patents filed, meaning that information on prototypes and advanced stage products is held in databases here – valuable data that needs serious protection.
How can we make the cloud more secure?
By working together, organisations and cloud service partners can look to mitigate the risks involved with data storage within the cloud. Making it clear from the start about who in the relationship bears responsibility for data security is a good place to begin, since there are now more devices than ever with access to sensitive data. The long-held view of security as building walls around data to keep the bad guys out no longer applies, since so many of today’s data breaches are caused by insiders – more often than not staff members, acting either by accident or sometimes maliciously.
High level encryption tools are also essential, as is establishing policy which monitors and restricts third-party access. Real-time monitoring of cloud data can help to flag up potential attacks and provide early warnings against intrusions. By employing a structured approach to working with their cloud providers, organisations can enjoy an ongoing, mutually beneficial dialogue which keeps their data as safe as possible while enjoying all the convenience and benefits of the cloud. The cost to industry of cyber crime in 2013 rose by 78 per cent and the time needed to resolve attacks more than doubled – making cloud security a higher business priority now more than ever.