Trust your IT, not cloud service providers says HOB exec
The technology evangelist from HOB shows security is still an issue for companies considering cloud computing.
Large companies should trust IT departments with their data, not cloud service providers.
This was view of Aidan Gogarty, a technology evangelist from secure remote-access company HOB, who showed the fear of data security in the cloud was still alive and kicking, despite what vendors might say.
Speaking at the RSA Europe conference in London today, Gogarty admitted to the perks of cloud computing, including infrastructure at your fingertips and the scalability of storage. He even called it cost effective.
However, he said the “most worrying aspect” of the cloud was data privacy and keeping data, which he referred to as “the lifeblood of your company,” in-house was a safer option.
“There are certain companies and industries that, by law, cannot distribute data… bank details, medical records etc,” said Gogarty. “But, if you are using a cloud application, where are the servers? How do you prevent these details going over a border and breaking a law?”
The difference in regulation across separate countries makes it imperative to keep track of where your data is, he claimed.
“If every country had a Patriot Act, this would be ok, but other countries don’t,” said Gogarty.
Cloud Pro Newsletter
Stay up to date with the latest news and analysis from the world of cloud computing with our twice-weekly newsletter
His next point focused on authenticating users who access your data. This is standard when organising security in your own data centre, but with cloud Gogarty claimed you don’t know who can get their hands on your information.
“Any user using data should be authenticated, their identity should be known, and if they are not known they should not have any access,” he said.
“It is pretty standard stuff… but people tend to go oh, cloud, it's great and don’t think about any of this.”
Gogarty admitted smaller companies would not have the resources to dedicate somebody to the security of their data and suggested they could use cloud but through PPP tunnels – point to point protocols between two network nodes for a secure connection – to protect them.
However, he said when companies got to 20 employees or more, they could have either a person or department looking after data, keeping it much safer than cloud service providers could.
“If you have one of these large organisations, if you can have a person spend a 100 per cent of the time protecting your data ,use a VPN,” he said. “You have one guy, or one department, look after it and what you do is get this system administrator to look after your interaction with the cloud.”
“Do you trust him? I trust him a lot more than I do the cloud provider.”
Gogarty claimed a VPN was in essence a private cloud, providing the remote access but offering “complete control of your security.”
“Use the cloud but use it on your terms,” he concluded.
Jennifer Scott is a former freelance journalist and currently political reporter for Sky News. She has a varied writing history, having started her career at Dennis Publishing, working in various roles across its business technology titles, including ITPro. Jennifer has specialised in a number of areas over the years and has produced a wealth of content for ITPro, focusing largely on data storage, networking, cloud computing, and telecommunications.
Most recently Jennifer has turned her skills to the political sphere and broadcast journalism, where she has worked for the BBC as a political reporter, before moving to Sky News.