How Safe is Cloud Computing?
The cloud is everywhere these days. Thanks to its convenience and cost, cloud computing has enjoyed exponential growth in the market over the last few years. For most, it’s not a question of whether you move to the cloud, but what can and should be moved—and when it should be done.
However, security concerns have grown too, particularly in light of media coverage of high profile security issues. How does it compare to traditional methods? Have you scheduled a regular review of files and documents stored in the cloud? What questions should you be asking cloud computing providers? Who can you trust? Have you chosen strong enough passwords to be protecting yourself?
Just how safe is Cloud Computing? This infographic from Memset examines the topic…
How Safe is Cloud Computing?
Cloud Computing has grown exponentially over the last few years, but security concerns linger amongst those reluctant to adopt. Is cloud computing safe? Let’s have a look…
You should ask questions like:
- Will the stored data remain in the European Union (for data protection)
- Who in the supplier organization has access to my data and what controls are placed upon them?
- What certifications or standards does the supplier adhere to?
Trust no one:
Main security threats aren’t “over the wires” – tight security and monitoring systems reduces the risk.
Biggest risk to security is your own employees
- Negligent employees/contractors account for 36% of security breaches
compared with…
- 29% relating to malicious/criminal factors
Off vs on-premise:
Off-premise has other benefits too – if someone wanted to steal data from a specific server, they would have to break into a data centre, which is no easy task. Even if they did manage to break in they would be faced with banks of thousands upon thousands of identical machines with meaningless labels like “SRV01403” on them, meaning they would have no idea which one to steal.
Availability
“Over the wire” attacks are relatively easy to defend the integrity of the data form. The biggest issues arise from the availability of that data due to denial of service attacks (DDOS).
Could your on-premise servers handle the multiple gigabit up-links necessary to defend from these?
- 15% of small businesses experienced Denial of Service attacks in 2011
- 30% of large organizations experienced Denial of Service attacks in 2011
Memset deflects 20 Denial of Service attacks every hour without our customers even noticing.
Choosing a good password:
Weak Passwords:
- 58% of people use passwords between 6-8 characters, with 42% using only lowercase
10 Character Passwords vs. 8 Character Passwords:
- Number of possible passwords using 10 characters: 984,000,000,000,000,000
-
- Time to crack using 1,000 cloud servers: 3.9 years
- Number of possible passwords using 8 characters: 248,000,000,000,000
-
- Time to crack using 1,000 cloud servers: 8.6 hours
Password hashing:
A hashed password takes longer to validate, artificially increasing the complexity of the decryption algorithm and therefore decryption time.
1 million cloud servers vs. 10-digit password with hashing = 15 years
Ultimately, the main problem lies between the keyboard and the chair – i.e. the user. When it comes to security (and cloud security is no different), the weak link is always the human.
Sources
Download this infographic.
Discussion
What Do You Think?