Page 13 - Cyber Warnings
P. 13
analyzed the challenges to cloud computing in 25 peer reviewed articles about between 2011
and 2013 and then compared them to problems between 2015-2016.The results were that the
problems within these years, problems were the same and solutions were similar. The articles
were generally written by people working in IT fields and computer security. This information
made it clear that people using the cloud must understand the ramifications of it and how to
circumvent security problems.
Identification of Security and Compliance Issues
There are many issues encountered in past years that continue in current articles. One major
issue is the fact that several organizations come together to use a public cloud for hosting. With
more than one organization on the same host, if one is hacked, it can leave all other
organizations at risk (Ogigau, 2012). Another challenge in security is that vulnerabilities happen
during transition from an older system to the cloud. Primarily, when organizations make the
transition, a failure to think out the entire process before the move is made creates common
vulnerabilities. Organizations may have to spend time dealing with glitches in the process that
can also leave them vulnerable. In addition, if the organization does not understand the big
picture of security concerns, they may not understand the changes that need to be made. When
this happens, the problem is shared between the service provider who may not understand the
bigger picture of security concerns (Doney & Leite, 2011).
Khan (2016) pointed out that cloud outages are common and they are more targeted security
attacks. A Symantec (2016) report showed that an increase of attacks by 91% came from
targeted attacks due to spear-phishing attacks that began in 2013. Ryan (2013) stated that the
major problem for cloud security is the fact that information is shared with the service provider.
The sharing of data makes the organization vulnerable to attacks from both inside and outside
the organization. Also, data can be lost by the host through accidental deletion or information
that is modified incorrectly. These are just a few of the challenges that organizations face as
they continue to operate within the cloud.
Compliance Issues
Yimam and Fernandez (2016) stated that when organizations move to the cloud, they do so
without understanding that there are compliance issues that are pertinent to each of the
software packages. In the United States, FISMA, HIPAA, SOX and PCI are all compliance
entities that have to be taken into account depending on the type of business.
Buckman and Gold (2012) researched education and noted that when educational institutions
moved to the cloud, the issue of security and confidentiality still had to be in place. Education
must be able to comply with FERPA laws and other programs that govern how educational
institutions deal with students, financial needs, and Internet security needs within their
institutions. This means that moving to the cloud will make the institution more dependent on a
13 Cyber Warnings E-Magazine October 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
