Cloud computing risks in a nutshell
Posted on June 22nd, 2012
The trend of cloud computing is hailed because of its scalability, cost effectiveness, and manageability. Gartner describes cloud computing as a type of computing in which “massively scalable IT-enabled capabilities are delivered ‘as a service’ to external customers using Internet technologies”*. Besides the cost-saving aspect of hybrid computing, cloud users also rely on security promises. Nevertheless, industry experts highlight that security is one important aspect of cloud computing that is often underestimated by users and providers alike.
According to a recent release by the International Working Group on Cloud Computing Resiliency (IWGCR), “a total of 568 hours of downtime at 13 well-known cloud services since 2007 had an economic impact of more than $71.7 million dollars.”**. In this regard, the IWGCR is referring to stats from the big players of the IT industry such as Google, Yahoo!, Paypal, and Amazon. The research firm further highlights that these figures are most likely to be an underestimation because many outages are not covered in the press. Nevertheless, in their case, downtime does not only affect the companies but millions of users all over the world.
Not only large, corporate organizations but more and more governmental bodies are moving to cloud hosting. Although an average cloud computing availability rate of 99.9 % sounds fairly high at first glance, it is not even close to the expected 99.999% reliability that mission critical systems should have.** Experts indicate that this potential lack of reliability might be unknown to buyers and even providers.
What are the risks that cloud computing service buyers are likely to face? How can users protect their data in the cloud? According to Gartner research, cloud computing bears numerous security risks that include but are not limited to “data integrity, recovery, and privacy, and an evaluation of legal issues in areas such as e-discovery, regulatory compliance, and auditing”.*
In order to prevent any of these security breaches, Gartner advises buyers to scrutinize their service provider team carefully. Customers should find out who handles their data and get as much information about their provider as possible. It is, for instance, highly recommendable to find out the exact location where your data is stored which means knowing the jurisdictions of the respective country. “Cloud services are especially difficult to investigate, because logging and data for multiple customers may be co-located and may also be spread across an ever-changing set of hosts and data centers.”*
There are more questions that should be addressed before moving to the cloud with a specific web hosting provider: What are the specific disaster recovery solutions your provider has in place? Is complete data restoration possible and how long will it take? Generally, buyers are advised to get a detailed overview of the security measures and programs from their provider of choice.
* 2008. Gartner: Seven cloud-computing security risks. Retrieved from http://www.infoworld.com/d/security-central/gartner-seven-cloud-computing-security-risks-853
** 2012. Cloud failures cost $70M-plus since 2007, researchers say. Retrieved from http://www.computerworld.com/s/article/9228227/Cloud_failures_cost_70M_plus_since_2007_researchers_say