Processing .....please wait.. 
The article has been forwarded.... 
Security fears over cloud computing spike after Sony PlayStation breach
By siliconindia
|
Tuesday, 10 May 2011, 03:08 IST
Bangalore: The Sony PlayStation hacking saga, which caused personal data loss of more than 100 million customers, has aggravated the security fears over the booming cloud computing industry. Further more, it's feared that the hacker may have access to all PlayStation Network account information and passwords, and may have obtained the credit card numbers of its customers as well.
The servers that contained the data for the company's Qriocity entertainment service were compromised and the reputation of the Japanese electronics conglomerate has taken hit. But the real worry is the disturbing fact that it just poured a sense of insecurity over the cloud computing.
The cloud computing companies were successful in making investor and customers believe that their data is completely safe on the cloud. However, experts strongly believe that nobody is secure on the cloud and the Sony PlayStation episode is just the tip of this. Any service, any it be email, online filing taxes, or credit card details, could be compromised on the cloud.
"However, the real question in this case could be asked of Sony. How can a multibillion-dollar company with a good market reputation allegedly be so careless? In my opinion, Sony is simply the company that was caught out. This incident clearly demonstrates the dangers of corporations failing to use high-level information security and audit controls for sensitive data," said Alan Rehbock, Sales and Marketing Director at Magix Security.
The cloud computing providers were the top performers over the last one year in the stock market and their shares have underperformed the broader market following the incident. Shares of Salesforce.com and VMware dropped 3 percent and 2 percent respectively. Many companies with plans to move to cloud-based computing are rethinking about this innovative but risky option.
As long as there are no properly set rules from the government or regulatory bodies on the security of cloud computing, any data stored on the cloud is unsafe. There are hardly any standards or best practices to follow for storage and protection of data on the cloud and it's hard to believe that anyone can provide a completely secure service. Sony's security breach and the Amazon.com's outage are best examples for this.
Companies dealing with healthcare, financial services, and intellectual property are under serous threats from the cyber attackers. As a result, there is an increased rush of such companies seeking for special insurance plans to get their cloud services covered.
Rehbock offers seven tips to companies looking to secure their data effectively without hampering productivity:
1.Be proactive when it comes to securing your IT environment. Deploy an IT risk and compliance management solution and undertake regular vulnerability assessments to help you fully understand your risk profile.
2. Provide tools to automatically track and reliably change passwords, particularly for sensitive accounts such as; administrator logins, embedded application-to-application passwords and privileged service accounts.
3. You need to know who has access to your network, therefore, put technology in place to track privileged logins, delegate access, and change these powerful credentials after each time they're used.
4. Prevent data breaches by randomising administrator passwords and providing fast, secure administrative access.
5. Protect your executives. Make sure you know who has access to the files on your executives' computers and to the data senior managers use every day. Anyone with knowledge of the right credentials can gain anonymous access to read, copy and alter data.
6. Take the initiative to regularly update your IT administrator's technical skills when it comes to security.
7. Encrypt the data on all endpoint devices. No excuses.
These tips are not new or revolutionary; they are best practices that are unfortunately not properly applied in business today. And this lack of application is why we have incidents such as the Sony drama.
