https://www.iotworldtoday.com/wp-content/themes/ioti_child/assets/images/logo/footer-logo.png
  • Home
  • News
    • Back
    • IoT World 2020 News
  • Strategy
  • Special Reports
  • Galleries
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • IoT World 2020 News
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Video / Podcasts
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Strategic Partners
  • IOT World Events
    • Back
    • Internet of Things World: San Jose
    • IoT World 2020 News
Iot World Today
  • NEWSLETTER
  • Home
  • News
    • Back
    • IoT World 2020 News
  • Strategy
  • Special Reports
  • Galleries
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • IoT World 2020 News
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Video / Podcasts
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Strategic Partners
  • IOT World Events
    • Back
    • Internet of Things World: San Jose
    • IoT World 2020 News
  • newsletter
  • IIoT
  • Cities
  • Energy
  • Homes/Buildings
  • Transportation/Logistics
  • Connected Health Care
  • Retail
  • AI
  • Architecture
  • Engineering/Development
  • Security
ioti.com

Security


Corey Ford, Thinkstock

Lake with dramatic lightening and clouds

Security Breaches, Data Loss, Outages: The Bad Side of Cloud

What to consider and how to be proactive about cloud security.
  • Written by Bill Kleyman
  • 3rd April 2016

As a big supporter of cloud computing, this is never an easy topic to discuss. However, security concerns will always be present as threats continue to rise. Let me give you an example. As soon as the whole Heartbleed topic arose, our organization began fielding calls from various IT shops asking for remediation, fixes, and patches. The crazy part was that not all OpenSSL systems were impacted. Many pre-version 1 OpenSSL systems were safe. Many others were facing the challenge up correcting and fixing this serious vulnerability. Cisco, Juniper, F5, and many others were actively deploying fixes to ensure that their systems stay safe. Numerous social media giants – Facebook and LinkedIn for example – were also having to deal with OpenSSL issues. Furthermore, even though they were stating that patches have been deployed, these giants were asking all of their users to reset their passwords… just in case.

Interdependencies on cryptography library pieces can allow for a standardization around security protocols. However, it can also cause issues like Heartbleed where a number of large providers are impacted by the same very serious issue. Although cloud computing is a powerful platform, it can certainly have its “cloudier” days.

Although we’ve come a long way with cloud design, there are still some concerns and issues to overcome. There are so many moving parts that create a cloud environment that sometimes, not all of the pieces fit together entirely well. In looking at cloud computing, consider some of the following:

  • Cloud and security. This is still absolutely an issue. In fact, it’s a growing issue. Arbor Networks 9th annual Worldwide Infrastructure Security Report illustrates this point very clearly with the largest reported DDoS attack in 2013 clocking in at 309 Gbps. As cloud computing becomes more popular, it will become the target of more malicious attacks. No single environment is safe and every infrastructure must be controlled with set policies in place. Heartbleed is a perfect example where a number of massive cloud organizations can be impacted by a standardized security structure.
  • Dealing with data loss. Allowing users to get into the cloud is one thing. Accessing applications through a cloud model is a powerful way to allow end-users to work remotely. However, what happens when users start uploading files to the cloud? Healthcare is a great example where data loss can be extremely costly. A recent report from the Health Information Trust Alliance (HITRUST) really paints the picture around the ramifications of a data breach. Over the recent years, the numbers around healthcare data breaches can be quit sobering.
    • Total Breaches: 495
    • Total Records: 21.12 million
    • Total Cost: $4.1 billion
    • Average Size: 42,659 records
    • Average Cost: $8.27 million
    • Average Time to Identify: 84.78 days
    • Average Time to Notify: 68.31 days

Many organizations often times don’t have a Data Loss Prevention (DLP) system plan in place. This means that a user, even non-maliciously, might post some information or upload a file which can contain sensitive information.

  • Cloud outages. No entity is 100% safe from some type of disaster or emergency. In fact, a powerful storm in June of 2012 knocked out an entire data center which was owned by Amazon. What was hosted in that data center? Amazon Web Services. All affected AWS businesses in that data center were effectively down. Cloud-centric companies like Instagram, Netflix, and Pinterest were all made production ineffective for over six hours. To paint a clearer picture, there was a recent study conducted by the International Working Group on Cloud Computing Resiliency. This report showed that since 2007, about 568 hours were logged as downtime between 13 major cloud carriers. This has, so far, cost the customer about $72 million.

So what do you do? If you take a look at the responses from folks like Facebook, Google, and even LinkedIn, you’ll see proactive actions which address the issue immediately and sets in motion plans to fix problems like this moving forward. You can never predict the future, especially not in IT or security. But you can be vigilant and ready for things like this to happen.

New proactive security solutions like virtual security appliances give you the ability to deploy agile, powerful, and intelligent security systems anywhere within your infrastructure. The other big part is that these security platforms can be service-oriented. This means you can monitor specific network nodes and data points within a very distributed environment.

For now, cloud computing has really done a good job staying out of the spotlight when it comes to major security issues. Yes, Dropbox might accidentally delete a few of your files, or some source code becomes exposed. But the reality is that a public cloud environment hasn’t really ever experience amassive data breach. Ask yourself this question, what would happen if AWS lost 80 million records like in the very recent Anthem breach? The conversation around public cloud security would certainly shift quickly. But the reality is that they haven’t. Maybe this gives us more hope that the cloud architecture is being designed in such a way that data is properly segregated, networks are well designed, and the proper boarder security technologies are in place. It all sounds great; but the key is to never become complacent. As more organizations move to a cloud-based model, advanced persistent threats may follow.

Article was originally published on Data Center Knowledge.

Tags: Article Security Technologies News

Related


  • Image shows CCTV security camera monitoring on street.
    Verkada Security Camera Hack Hits Telsa; Cloudflare
    A cloud-based security camera firm was hit with a massive hack. Experts have likened the breach to the recent SolarWinds security event.
  • IoT security
    Zero-Trust Security for IoT: Establishing Rigorous Device Defenses
    IoT security pros can benefit from zero-trust security to authenticate rogue devices that try to connect to a network. Zero trust should be the hallmark of your IoT strategy.
  • 3d rendering of human brain on technology background
    AI Ups the Ante for IoT Cybersecurity
    Security providers in IT and OT have implemented AI, ML and other advanced technologies to make systems smarter than malicious attackers.
  • IoT security
    Protecting Your Network Against Ripple20 Vulnerabilities
    Early this year, Ripple20 wrought havoc on numerous IoT devices, given vulnerable third-party code. Here are ways to prevent your organization from the fallout.

Leave a comment Cancel reply

-or-

Log in with your IoT World Today account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Related Content

  • LynxSecure Datasheet
  • LYNX MOSA.ic™ Avionic Platform (Advantage w/ Intel)
  • COVID-19 Driving Data Integration Projects in IoT
  • Intro to LynxSecure

News

View all

Webex Collaboration Banks on Hybrid Workplace Model at Cisco Live 2021

2nd April 2021

Cisco Enlists Networking Automation, CX Cloud in COVID-19 Response

31st March 2021

White Papers

View all

Telehealth and COVID Infographic

30th March 2021

Medical Supply Chain Management with Smart Devices and Sensors

30th March 2021

Special Reports

View all

Cybersecurity Protection Increasingly Depends on Machine Learning

28th October 2020

Webinars

View all

Weber’s Journey: How a Top Grill Maker Serves Up Connected Cooking

25th February 2021

From Insights to Action: Best Practices for Implementing Connected Device Security

15th December 2020

Galleries

View all

Top IoT Trends to Watch in 2020

26th January 2020

Five of the Most Promising Digital Health Technologies

14th January 2020

Industry Perspectives

View all

IoT Spending Holds Firm — Tempered by Dose of ‘IoT Pragmatism’

1st December 2020

The Great IoT Connectivity Lockdown

11th May 2020

Events

View all

Embedded IoT World 2021

28th April 2021 - 29th April 2021

The Virtual Industrial AI Summit

29th June 2021 - 30th June 2021

IoT World 2021

2nd November 2021 - 4th November 2021

Twitter

IoTWorldToday, IoTWorldSeries

🥳Happy #IoTDay! How are you celebrating? We're giving $50 off All Access Passes to join our upcoming virtual event,… twitter.com/i/web/status/1…

9th April 2021
IoTWorldToday, IoTWorldSeries

🎉 Announcing #EIOTWORLD sponsor, @InnoPhaseinc — a fabless wireless semiconductor platform company specializing in… twitter.com/i/web/status/1…

8th April 2021
IoTWorldToday, IoTWorldSeries

Digital Health Infrastructure Benefits From Cloud-to-Edge Architecture dlvr.it/RxBwQ4 https://t.co/AILVdUVWDA

7th April 2021
IoTWorldToday, IoTWorldSeries

Meet the #EIOTWORLD keynote lineup: Google, Facebook, Linux Foundation, STMicroelectronics, Antmicro, OpenHW Group,… twitter.com/i/web/status/1…

6th April 2021
IoTWorldToday, IoTWorldSeries

Network Data Analytics Supports Back-to-Work Health and Safety dlvr.it/Rx5xlL https://t.co/VvxxpdUMJ3

6th April 2021
IoTWorldToday, IoTWorldSeries

IoT Cybersecurity Act Places Security Onus on Device Makers dlvr.it/Rx2jHK https://t.co/fyd3nQ1r1Z

5th April 2021

Newsletter

Sign up for IoT World Today newsletters: vertical industry coverage on Tuesdays and horizontal tech coverage on Thursdays.

Special Reports

Our Special Reports take an in-depth look at key topics within the IoT space. Download our latest reports.

Business Resources

Find the latest white papers and other resources from selected vendors.

Media Kit and Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • IoT World Series
  • Channel Futures
  • RISC-V
  • Dark Reading
  • ITPro Today
  • Web Hosting Talk

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Login/Register

FOLLOW IoT World Today ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X