Cloud computing is increasing in the scope of services provided and the number of users partaking in those expanding services (Smith, 2018). The United States National Institute of Standards and Technology (NIST) defines cloud computing as: “A model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. (National Institute of Standards and Technology 2011).” The advantages of cloud computing cannot be ignored with the latest being cloud computing bringing High Performance Computing (HPC) to the masses in what some claim represents the future of computing (Watkins, 2018).
The power of cloud computing remains in remotely centralizing computing and data storage in one place, if we think of one organization operating the cloud as ‘one place’, and it is this very power that is alluring to cyber criminals. A so called ‘hacker’, what Raymond says is more accurately labeled a “vandal” (Raymond, 2001), in today’s vernacular a “cyber criminal”, can access vast concentrations of data in “one place,” so the allure in the hack is not only the sophistication required in the hack, but more importantly remains in the vastly larger monetary payoff that can be extorted or sold from that vast amount of data.
Cyber crimes, in the form of data breaches, are escalating with the Kaspersky study showing the average cost of a data breach in currently being $1.2 million, a 24 percent increase over last year, and a 38 percent increase since 2016 (Smith, 2018). The common perception among IT personnel is cloud computing diminishes data protection and privacy, but as noted by Michael Armstrong, CIO of Corpus Christi, Texas, and IT security consultant Larry Ponemon, cloud encryption and security are more reliable than the majority of government and private onsite computing (Hughes, 2014).
Users of cloud computing must exercise responsibility for being the number link in making strong security chain, and this true for cloud computing as well. Both security of mobile devices and security practices of mobile device users are less stringent and more vulnerable to cyber attacks, but mobile devices accessing clouds is increasing with increased cloud dependency, especially with the trend of the convenience of accessing your information across devices (Hughes, 2014). Besides mobile device vulnerability, users need to be more aware of using the cloud services. For example, the Ponemon Institute found “36 percent of business-critical applications are housed in the cloud, yet IT isn’t aware of nearly half of them (Netskope, 2018).” Businesses are addressing user cause data breaches by increasing cyber security training and with the average business spending $137,000 on employee training (Smith, 2018).
References
- Clark, Brian. In Technology We Trust: Cloud Computing, Technical Breakdowns and the Protection of Privacy. Unpublished Masters Thesis in Sociology, Carlton University, Ottawa, Ontario, 2014.
- Huang, Cheng-Cieh and Ching-Cha Hsieh. “Sociology View on Cloud Computing Value: Actor Network Theory Perspective”. Cloud Computing 2010: The First International Conference on Cloud Computing, GRIDs, and Virtualization, pp. 145-149.
- Hughes, Jessica. “Data Breaches in the Cloud: Who’s Responsible?” http://www.govtech.com/security/Data-Breaches-in-the-Cloud-Whos-Responsible.html accessed on June 6, 2018.
- Latour, Bruno. Reassembling the Social: An Introduction to Actor-Network-Theory. New York: Oxford University Press Inc., 2005.
- National Institute of Standards and Technology. The NIST Definition of Cloud Computing: Recommendations of the National Institute of Standards and Technology. U.S. Department of Commerce, 2011.
- Netskope. “Data Breach: The Cloud Multiplier Effect (2018).” https://www.netskope.com/lp/data-breach-cloud-multiplier-effect/ accessed on June 6, 2018.
- Office of the Privacy Commissioner of Canada. Report on the 2010 Office of the Privacy Commissioner of Canada’s Consultations on Online Tracking, Targeting, and Cloud Computing. Office of the Privacy Commissioner of Canada, 2010.
- Parker, Elisabieth. “An Actor-Network Theory Reading of Change for Children in Public Care”. British Educational Research Journal, Vol. 43, No. 1, February 2017, pp. 151-167.
- Raymond, Eric S. The Cathedral & the Bazaar. Sebastopol, CA: O’Reilly Media, Inc. 2001.
- Saedi, Amin and Noorminsha A. Iahad. “An Integrated Theoretical Framework for Cloud Computing Adoption by Small and Medium-Sized Enterprises”. Pacific Asian Conference on Information Systems 2013 Proceedings.
- Smith, Ernie. “Report: Data Security Costs Grow as Breach Incidents Rise (2018).” https://associationsnow.com/2018/05/report-data-security-issues-grow-cost-importance/ accessed on June 6, 2018.
- Watkins, Daren. “How Data Scandals are Changing Data Center Strategy (2018).” http://www.datacenterdynamics.com/content-tracks/security-risk/how-data-scandals-are-changing-data-center-strategy/100229.fullarticle accessed on June 6, 2018.