Is Apple’s iCloud a security headache waiting to happen?

The release of iCloud this month will have a positive impact on the take up of cloud by businesses. The new iCloud platform will allow Apple enthusiasts to store music, photos, apps, calendars, documents and so on in the cloud. Now this in itself is nothing spectacularly revolutionary, but it will introduce a wider audience to the concept.

The business world tends to be a step behind consumers when it comes to this type of technology; just look at social media. It wasn’t until after the consumer revolution that businesses really started to understand the potential of collaborative solutions.

While cloud has been an industry buzz-word for some time, for most it is a new concept, and as with most new things it is treated with suspicion. The release of iCloud could therefore pave the way to wider adoption as it will raise awareness; meaning cloud will no longer be such an alien concept.

However, the “consumerisation” of IT, with the proliferation of personal devices such as tablets and smartphones, is a common security headache. If people start to use iCloud as a storage unit for vital company information this will take control of information out of the hands of the corporate network – which is a concern.

It raises a number of issues, as for example, many companies have jurisdictional constraints with regard to where data is stored, so “somewhere in the cloud” is a non-starter. Additionally, applications such as these are a good target for hackers.

Take, for example, the Sony Playstation debacle and more recently the Dropbox breach. Apple’s iCloud has nothing that helps establish trust either, i.e. am I sharing with who I think I am sharing with? Not to mention the fact that Apple is not Microsoft and most corporates have challenges managing their Microsoft estate, let alone hooking up with an environment that is alien and not compatible.

As with smartphones, there is a need for companies to ensure they set policies that define how iCloud is used by employees; placing restrictions if needed on what information is stored and where. Getting people involved in the cloud is great, but it should not come at a cost to security.

SHARETweet about this on TwitterShare on LinkedInShare on FacebookShare on Google+Pin on PinterestDigg thisShare on RedditShare on TumblrShare on StumbleUponEmail this to someone

Frank Joshi has 23 years of experience in selling leading edge technologies. He has a wealth of knowledge and expertise in document, sales and content management, business intelligence and data mining as well as a solid understanding of advertising based B2B and B2C web portals and networks. A serial entrepreneur and angel investor, he co-founded (1995) and sold (2000) a profitable B2B internet portal business, Martex Communications, to Tarsus Group. From 2000 to 2002 Frank was a Board director for Tarsus in charge of the sales division and he developed successful sales and marketing strategies across physical and virtual assets such as trade shows, conferences, directories (paper and virtual) etc. In 2005 he co-founded, along with Raymond Field, Mvine, an online record label and music social network built using their own Business Intelligence platform. As well as being a major shareholder in Mvine, Frank is also Chairman of ChangeBase, a shareholder and director of Knowledgepeers.com and musicballoon.com, amongst others, and historically part of analyst organisation, Ovum. Frank is also an Angel investor and a Liveryman of the Information Technologists Company.