Friendly Reader: I was recently asked to compose an article in about 600 words that explains cloud security to the masses. I accepted the awkward challenge, and the paragraphs below are what I delivered. I thought I’d share it here, just in case you’re ever asked to do the same (perhaps by members of your Luddite Board). Here it is...
Thirty years ago, a little wooden hut sat in the parking lot of my local Jersey strip mall. I would drive up to the hut, pay a few bucks, and a teenager would hand over a packet of developed photos, including a nice shot taken during that era of a Bulls rookie named Michael Jordan. After glancing through these photos once or twice, I would toss them into a shoebox, along with dozens of other packets. That box still sits up in the closet somewhere – I think.
Twenty years ago, a clunky PC sat on the desk of my Jersey office. I would log into the PC, click on the HP icon, and then digitally scan my printed photos into local memory. This included a nice shot taken during that era of a Yankee rookie named Derek Jeter. The scans would be arranged into a folder on my Windows system, and before long, I had hundreds of photos stored on this PC which I looked at occasionally. I have no idea where they are today. No clue.
Ten years ago, an iPhone found its way into my Jersey pocket. Soon, I was using this device to take zillions of pictures, including one from that era of a promising young college basketball player named Stephen Curry. Like all of you, I would click on a couple of icons, and the iPhone would then shove these pictures into something called the cloud. With so many cloud-accessible photos, I began to illustrate my conversations (quite annoyingly) with photos.
Jump to the present, and the cloud introduces a couple of security considerations – but perhaps not what you would guess. First, it should be clear that moving from printed photos in a shoebox to iPhone images in the cloud greatly reduces the likelihood of a hacker intentionally destroying your precious photos. This implies that with the progression to cloud, the risk of lost data is reduced. Ransomware attacks, for example, are less dangerous when you use cloud.
But also with this progression to cloud comes the concern that with photos sitting up in some Apple or Microsoft or Google data center (yes, the cloud is just an assortment of data centers), perhaps someone might gain unauthorized access to embarrassing or private photos. This implies that we must trust the administrators at cloud services companies to make sure this doesn’t happen. And that is not always so easy.
All this implies that cloud security involves a collage of activities that are mostly the responsibility of the service provider. They accomplish this using advanced protection techniques, including creating many little private virtual shoeboxes (ahem) that keep my photos separate from yours. Security experts call this method segmentation, and the ability to run many operating systems on one machine (called virtualization) makes it efficient.
Businesses (and Boards) have been slow to embrace the cloud and its security methods, because they involve a shift in protection control. Some businesses are more comfortable recently, as cloud providers have begun to allow inspections and audits by experts who attest that everything is being done according to best practices. This is good news for all of us, because most cloud providers are quite capable when it comes to security.
Now, if you ask where I’ll be storing my photos ten years from now, I guess my answer is that I don’t know. Perhaps some autonomous virtual robot will sense what I am thinking and snap the pictures for me – just in case I might want them. And if you ask me which sports stars in ten years will be the next Jordan, Jeter, or Curry – well, if I knew that, then I assure you I wouldn’t be spending my time trying to write 600-word tutorials on cloud security.
- by Edward Amoroso, Founder & CEO, TAG Cyber LLC