Tuesday, January 24, 2012

SECURITY RISKS OF CLOUD COMPUTING

Cloud computing is finally with us. Recently a leading telecommunication service provider launched a cloud computing service for individuals and businesses. Cloud computing is basically the use of computing resources, like applications and servers, as a service (Software as a Service).

An example would be a small construction and road repair company somewhere in Kericho. At the end of every month the company runs its payroll and pays its casual and permanent employees. Before the advent of cloud computing this company would be forced to invest in a computer, a payroll system and stationery so as to automate its payroll process.

The cost of purchasing a dedicated payroll computer and its system would be prohibitive to a small enterprise. The concept of cloud computing means that instead of dedicating resources to a process that is run only once a month the company can subscribe to a cloud computing provider to do it. The company is then billed only for the time it uses the payroll system.

So instead of worrying about the costs of the payroll system, and security of the data, the cloud computing provider provides access to these computing when needed and charge for specific usage only.

Examples of global cloud computing providers include Hewlett Packard, Fujitsu, Red Hat, Amazon and many others.

Cloud computing, just like any other technology process, has some security risks. These risks will be discussed in this article and the next.

There are many security concerns in cloud computing. One of the most common queries concerns access to data. Who has access to your data?

An example is the United States of America. In October, 2001 the USA Patriot Act was signed into law as a response to the September 11 terrorist attack. This Act allows the American government to access data in any American owned data center, no matter what country that data center is in. If you outsource any of your ICT functions to a cloud infrastructure owned by an American company, then your data can be accessed by the American government.

Who can potentially access your data becomes a priority concern when choosing a cloud computing provider.

Keeping data private and secure is an ongoing concern for everyone in this interdependent and connected world. Due diligence should be conducted. The only truly safe approach in cloud computing is to subscribe to a cloud computing provider that is locally owned and locally located.

No comments: