When you approach the cloud, think about these risks

Here is an interesting article in the NYTimes passed to me by my US CTO. It makes you think about putting data in the cloud as when your data is “in the cloud” there is the clear and unmistakable risk that you could be sharing resources with not-so-ethical companies, who may suddenly end up under investigation.

And your data may end up being seized in the course of an investigation, without your knowledge. Suddenly, you lose your server, you lose your data, your website goes offline without notice and without reason, bringing business to a halt. If you are an online merchant that is of course especially damaging but for anyone putting their business in the cloud, this is reason for great concern.

The investigation in question is supposedly related to the Lulz hacking group. This investigation is being conducted in conjunction with European authorities. So the data and servers that were confiscated could become part of an investigation your company has no reason to be involved with at all.

When you approach the cloud, you need to think about these risks:

  • What data do you put in the cloud
  • Where are you actually putting it
  • Who are your neighbours and
  • What happens to your servers and especially your data in situations like the one described here

Your management may well want to be in on this decision!

This is not the first time that the FBI or other investigative agencies have done something like this. If they continue operating in this manner, with an apparent disregard for the issues caused to the other, innocent, companies hosted in the same or even adjacent servers, they may end up causing a damage to the cloud in itself.

The result could be that more and more companies reconsider their options and decide that hosting that server in house is still the best option after all, even if it is more costly.

Simon Heron is Internet Security Analyst at Network Box (UK), a managed security company, where he is responsible for developing the overall business strategy and growth. Simon has more than 16 years experience in the IT industry, including eight years experience in Internet security. During this time he has developed and designed technologies ranging from firewalls, anti-virus, LANs and WANs. Prior to Network Box, Heron co-founded and was Technical Director of Cresco Technologies, a network design and simulation solution company with customers in the U.S., Europe and China. Before that he worked for Microsystems Engineering Ltd, as a Project Manager, where he implemented network security for the company.