Throughout computer science’s history, there have been numerous attempts to liberate users from computer hardware needs, because of their cost, impact on the environment, and heaviness. “These examples can be depicted in time-sharing envisioned in the 1960s, network computers of the 1990s, to the commercial grid systems of more recent years” [1]. And finally, this dream and goal has become a reality with cloud computing. Today, almost every academic and business leaders in this field are using cloud computing.

Cloud computing has leveraged users from hardware requirements while reducing overall client-side requirements and complexity.

Nevertheless, Cloud computing is not a panacea, and many questions are being addressed in its regard. Like its security policy.

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. [2]

In other words, Cloud computing enables us to obtain a server without needing to buy, deliver, install, and deal with its technical problems. This is useful especially in the software development world. Let’s imagine you have a website or application that has been unknown and has few users on it. And all of a sudden millions of users start using it. Earlier, you would have needed to buy many servers. Thankfully, with cloud computing, your much-needed servers are one click away.

Yet, as we use the cloud almost everyday with Google Photos, Google Drive, etc we keep wondering how are private files, are being kept secure?

Whether you are a company or a normal user, data security has certainly crossed your mind. As data are deployed in the Cloud infrastructure, we trust that the organization owning this infrastructure is securing your data, or else based on your contract you will sue them. Unfortunately, most cloud organizations protect only themselves in the contract – not the customer. So what are the security threats that endanger your private data or your organization’s data, and how can you keep your information away from malicious activities?

In traditional architectures, the customer generally knew the geographical position of the servers where their data were deployed in. However, the concept of abstraction in the cloud environment keeps the location of the cloud infrastructure almost hidden. Thus a company should make sure to ask for the provider’s location.

 Furthermore, even traditionally, a company faces multiple insider threats which made Perimeter Security* less effective. And it is even less so in an organization where you don’t know its staff and what are their malicious plans…

 Usually, a cloud provider will promise an encryption plan for your data to secure the information. However, once you enquire about your data, it will  be decrypted so you can acess it yet you are not the only one capable of viewing it. The cloud or hackers can view your data too. Thus, the best way to secure your information is encrypting it efficiently in advance, and deploying the encrypted version in the cloud. This is called Partial Decryption.

 To conclude Cloud Computing is a technology that reshaped many businesses and is continuing to do so. Yet, with this transition to the Cloud companies and users should remain cautious of what this great tool can bring with as great problems especially regarding the security side. Hence, contracts should be carefully read by both users and companies before agreeing to their terms.

References:

1-Dimitrios Zissis & Dimitrios Lekkas. (2012). Addressing cloud computing security issues. ELSEVIER. Retrieved from:

http://extev.syros.aegean.gr/papers/J50.pdf

2-Peter Mell & Timothy Grance. (2009). The National Institute of Standards and Technology, The NIST Definition of Cloud Computing, Information Technology Laboratory. Retrieved from:

http://faculty.winthrop.edu/domanm/csci411/Handouts/NIST.pdf

3-Margaret Rouse. (2017). Essential Guides. TechTarget. Retrieved from:

https://searchcloudcomputing.techtarget.com/guides

Jarett Cross. (2018). Cloud Computing Beginners Guide: An Introduction to Scalability, Services, and Serverless Technology. 

Unknown Author. (N/A). What is Cloud Computing?. Lenovo. Retrieved from:

https://www.lenovo.com/in/en/faqs/laptop-faqs/what-is-cloud-computing/

Carl Schmidt. (2011). Cloud Computing. TEDxJuanDeFuca. Retrieved from:

Unknown Author. (N/A). Resource Pooling. Techopedia.Retrieved from:

https://www.techopedia.com/definition/29545/resource-pooling

Judith Hurwitz, Fern Halper, Marcia Kaufman, Robin Bloor. (2009). Cloud Computing For Dummies

Author

Fatima Zahra Chriha an 18 years old student from Morocco. She is majoring in computer science at Felician University and she is the recipient of RASIT's scholarship, a full scholarship to study at Felician University granted to distinguished students.

Comments are closed.