The ‘Cloud’ and You
What is the cloud?
Are you too embarrassed at this point to ask, “What is the Cloud?” Just like a Neighbor that moved in a year ago, it’s a little awkward to ask their name now. Don’t worry it is never too late to learn!
The cloud is a computing service that is not tied to a physical device or server, but a network of server farms that can allocate resources appropriately. Typically computing was restricted to a physical hard drive and a physical computer. Now with cloud computing you can assign resources from a network of virtual machines to perform the same function.
Cloud Computing: The Las Vegas Metaphor
If you are visiting Las Vegas for a weekend, would you rather buy a second home or book a room in a large casino?
Well, the cost of a second home is a lot higher. The size is always the same. The resources are limited to your property and your only entertainment is to look into your neighbor’s backyard. This is represents the old computing model, investing in your own physical server or computer.
What about a casino hotel room? For a one weekend stay it can cost a lot less. You can get an entry-level room or the penthouse suite. The size is ‘SCALABLE’ or can change to fit your needs. You have entertainment and restaurants that really can be very enticing. This is the cloud computing model. You can get the computing resources (CPU, memory, Internet Bandwidth) all for a fraction of the cost of maintaining a physical server.
Cloud Computing: What is the Security Concern?
In cloud computing, you are losing control as to how your data is stored and transmitted. It is easier to control of the passage of items and persons in your own home than it is in a hotel room. Room service and housekeeping are great perks to staying in a hotel, but you are relying on hotel hiring and security procedures to trust those individuals who are allowed in your room. The Cloud Computing model is a shared space and you are trusting that the infrastructure security measures are in place to make sure that ‘everyone’ plays nice.
Just like Las Vegas attracts a lot of illegal and nefarious activity, large cloud networks are a target for hackers. The attack could come from external hackers or other users within the same cloud network. Would they be able to elevate their privileges and ‘break into my room?’
Cloud Computing: What should I do to protect myself?
- Have a strong password – Your password is your hotel room key. If someone can hack or ‘guess’ your password and break into your account, they will be able to see and possibly steal all of your information. Use at least 8 characters. Change your password on a regular basis. Don’t use the same password for multiple accounts. The more combinations you have in your password (capitalization, numbers, and special characters ‘@’ ‘!’) the harder it is to crack that password. For more tips see: How to Create a Strong Password.
- Encryption – Encryption is the method of changing data values so that the stored data is not in a readable format. If you are worried about an account getting hacked, employ your own encryption solution. Use a .zip utility and encrypt it by adding a password to the file. There are other tools such as SecretSync and DigitalQuick that can dynamically add a second level of encryption to files stored in the cloud.
- Be Careful What You Store – Dropbox is a great tool to share large picture or video files with friends and family. However, without another encryption method in place, you should think twice before putting personal information in such a cloud service. This would include tax documents, and other files that have your social security number, birthdate, account number, etc.
The Cloud is a great resource and we are using it in our daily life without even realizing it. Just remember to have a strong password, encrypt sensitive files, and be careful about storing sensitive personal information in a cloud service.
Cathy Olsen is an Information Security Professional and a mother of four. She likes to break down the technical jargon in order to teach the average user about Internet Safety on her blog www.securemama.com.