Businesses fumbling cloud-based big data priorities

The latest survey conducted by CA Technologies, has revealed that 84 per cent of businesses are now attuned to the potential benefits of big data hosted in the cloud. This serves to indicate that word about such systems is spreading quickly across the world.

Of those organisations that have already adopted big data at this point, 88 per cent believe that it will help them to boost revenues, or have already begun to experience the positive benefits of adoption.

However, TechRepublic reports that there is a discrepancy between the eagerness with which the cloud is being used to fuel big data expansion and the levels of access that businesses are comfortable in providing to employees.

Just over a third of respondents said that they intend to raise the rates with which staff were given access to the data and analytical tools afforded to them by the cloud.

The upshot of this could be that most employees remain in the dark about the way that big data works, which could be a limiting factor in the growth of many businesses. Meanwhile, control over this market will remain in the hands of a relatively small group of experts.

This will be good for the individuals who are already trained in how to best use big data platforms, but could mean that the next generation of individuals who could potentially operate in this field will not get the opportunity to do so, because access to platforms is so restricted at the moment.

Some observers argue that businesses and the cloud industry as a whole need to do more to democratise access to the data and tools which are being deployed at present. Without this, the true potential of this technology may be a lot harder to realise.

Big data proposed as solution to cloud security threats

Chinese firm, Huawei, this month unveiled its plans to leverage big data in order to boost security in cloud computing environments and beyond. This encompasses not only data centres but also the remote devices which rely on them to provide a range of software and storage services.

APT (advanced persistent threat) attacks that might otherwise compromise an entire cloud solution are targeted by the firm’s solution, with end to end protection ensuring that this type of operating environment is much safer for businesses and consumers alike.

This solution is being developed in response to the rise of the Internet of Things (IoT), which spokesperson, Liu Lizhu, said not only creates many opportunities but brings with it a range of previously unforeseen security risks that have to be addressed.

Without encryption in place, almost three quarters of IoT devices remain vulnerable to exploitation. And since these devices intrinsically rely on the cloud to bolster their capabilities, a big data solution to the threats is seen as being the most efficient and powerful one available.

Orchestrated DDoS attacks, powered by malicious botnets that are often available to cybercriminals to hire for whatever actions they have planned, can also be counteracted through the power of big data, according to Huawei researchers. And since more businesses are migrating mission-critical apps and data to the public cloud, being able to ensure that everything remains accessible, even when an assault is being levelled against a particular data centre, is of paramount importance.

Most importantly, it is possible for attacks to be detected and deflected in real time. And there is little doubt that improved cloud security like this will act as a deterrent to individuals or groups, who would otherwise seek to breach systems and take advantage of any weaknesses.

Cloud providers voice concern over new EU data protection plans

The EU is in the process of drafting a new set of regulations which are designed to provide data protection across all member states. But there are fears that the rules may lead to problems for the firms which offer cloud computing to customers across the continent, according to Computing.co.uk.

Various major cloud vendors have come out to make public statements about the potential impact of the regulations. They are arguing that the powers being given to individuals to take legal action against the companies which store and process their personal data, will damage the industry immensely.

Cloud providers will also face steep fines under the new rules if they are found to have broken any part of the data protection legislation. Rather than charging a flat fee, the regulatory body will have the ability to fine organisations based on their annual turnover, which could lead to astronomical sums being paid.

Critics fear that cloud computing may well be seriously compromised as a result of the regulations, which have taken three years to be finalised. And it is not just providers from the US that are critical of the EU’s plans, but also companies based in Germany and other countries.

The intent of the EU is to make sure that the regulations governing data protection are unified across all member states, which it argues will also help to increase economic growth, in spite of the protests being made by tech firms.

Current data protection regulations do not hold cloud providers accountable for the information they store because they process it but do not collect it. The EU wants this to change, so that there is a level of liability in the market not currently available, as a result of existing rules being formulated long before the cloud was widespread.

Security threat posed by cloud exploit

Security is an issue which dogs the cloud industry and causes sceptics to argue that mission-critical solutions should not be hosted on public platforms. And in most instances, the threats are over exaggerated or entirely fabricated.

However, this month a new vulnerability in the way virtual machines operate has been uncovered and there are concerns that this weakness could be exploited, causing major problems for providers and users alike.

The so called Venom vulnerability contravenes the idea that virtual machines hosted in the cloud are distinct from one another and so do not allow users to leap from one virtualised operating environment to another.

So while the promise of keeping ecosystems separate in the cloud is regularly made by vendors, Venom reveals that it is possible to leapfrog from one virtual machine to another. And this might mean that hackers could compromise the systems of more than one cloud customer, according to researchers at CrowdStrike.

A number of affected cloud platforms have been identified and the exploit is founded on a bug that is triggered by a buffer overflow in a virtual machine’s floppy disk controller, according to Ars Technia.

Although some have argued that Venom may ultimately have ramifications that are as far-reaching as the Heartbleed bug, that reared its head back in 2014, others are certain that the extent of the impact of this new fault will not be nearly as significant.

The good news in this instance, as well as in any scenario involving security vulnerabilities unearthed in the cloud industry, is that vendors have a competitive incentive to find solutions and patch any issues out of existence.

This innate need to make the cloud as safe as possible, so that customer confidence is restored, is what makes the market so responsive to threats.

Businesses fumbling cloud-based big data priorities

The latest survey conducted by CA Technologies, has revealed that 84 per cent of businesses are now attuned to the potential benefits of big data hosted in the cloud. This serves to indicate that word about such systems is spreading quickly across the world.

Of those organisations that have already adopted big data at this point, 88 per cent believe that it will help them to boost revenues, or have already begun to experience the positive benefits of adoption.

However, TechRepublic reports that there is a discrepancy between the eagerness with which the cloud is being used to fuel big data expansion and the levels of access that businesses are comfortable in providing to employees.

Just over a third of respondents said that they intend to raise the rates with which staff were given access to the data and analytical tools afforded to them by the cloud.

The upshot of this could be that most employees remain in the dark about the way that big data works, which could be a limiting factor in the growth of many businesses. Meanwhile, control over this market will remain in the hands of a relatively small group of experts.

This will be good for the individuals who are already trained in how to best use big data platforms, but could mean that the next generation of individuals who could potentially operate in this field will not get the opportunity to do so, because access to platforms is so restricted at the moment.

Some observers argue that businesses and the cloud industry as a whole need to do more to democratise access to the data and tools which are being deployed at present. Without this, the true potential of this technology may be a lot harder to realise.

Cloud computing to impact real world security services

Coverage of the cloud often focuses on whether or not the security it offers is adequate to justify migrating mission-critical apps and data to third party platforms. But the concerns over the digital protection afforded by cloud computing are generally being assuaged over time.

Now experts are suggesting that the cloud could soon have an impact on real world security operations; in short, the power of this form of IT will be brought to bear on the security of domestic and business premises, according to industry executive, David Ward.

Ward told Sourcable that the cloud is allowing for the automation of security systems, while also enabling remote access to the features that help to monitor premises of all kinds, without a human presence required on-site.

Crucially, this type of technology is already being deployed, with security firms choosing to harness central cloud-powered platforms rather than having to host the necessary infrastructures themselves.

This makes it much more affordable for clients to be offered the latest functionalities, since if the operating costs were higher for the vendors, then the same would not be possible.

It is not just about passive monitoring; the cloud is being used to help remotely control access to premises via wireless locking systems that, again, can be manipulated from any location using an internet-enabled device.

This has obvious benefits for businesses, ensuring that people can get in and out of a building effectively at all times, even if a member of the security team is not on site.

The cloud’s ability to lower the barrier of entry for high end IT adoption and hosting is having an impact across a range of industries and real world security seems in prime position to benefit from this in the coming years.

Public sector workers must overcome cloud trust issues

A survey of workers in the public sector has found that 92 per cent of those employed by government funded organisations have reservations about the use of cloud computing as a result of security.

The study, conducted by Huddle, concluded that just over a third of public sector staff have yet to encounter any form of cloud computing, while 43 per cent said that they still deal with paper documents on a regular basis.

This means that close to half of all those employed in the public sector still rely on the somewhat archaic practice of printing out files, so that they can be sent to a relevant recipient through the post, rather than utilising online storage solutions to deposit and transfer data in the cloud.

Report spokesperson, Alistair Mitchell, explained that this lack of trust in the cloud was compromising the ability of public sector workers to collaborate and cooperate effectively with one another in the modern workplace.

The lack of efficiency that this leads to is seen as unsustainable by analysts, which is why cloud providers are being urged to do more to foster positive reputations surrounding security.

Mitchell said that while staff are enthusiastic about the potential benefits of the cloud, the lack of confidence in the available platforms is worrying. It is also recommended that the government provide more training and education surrounding the cloud, so that there is less to fear.

Another of the complaints that exist among those in the public sector is the amount of time that the migration of data to the cloud can consume, with 85 per cent of respondents citing this as a concern. Again, this is something that both providers and IT decision-makers can do more to tackle in the coming years.

Major cloud security acquisition allegedly made by Microsoft

Software giant, Microsoft, has been attempting to position itself as a leading light in the emerging cloud industry. And now, Reuters reports that the company is apparently in the process of acquiring a cloud security firm called Adallom, as part of a deal worth an alleged $320 million (£205 million).

Cloud security is the chief concern of the majority of businesses which are in the process of adopting a relevant platform within this industry. With a raft of recent acquisitions under its belt, most of which are targeted at enhancing the cloud solutions that it has on offer, Microsoft is fending off competition from Google, Amazon and others.

Adallom itself was only founded three years ago and currently employs just 80 people, both in the US and in Israel.

It no doubt caught the attention of Microsoft as a result of the fact that it offers cloud security to businesses, keeping their mission critical data on third party servers, such as those offered by its new American parent firm.

The flexibility of the cloud ecosystem is such that it allows a range of companies to operate within it as well as profit from it, meaning that Microsoft and others can run the hardware infrastructures while Adallom and its contemporaries offer additional services, to further enhance the functions available to enterprise clients.

Cloud security concerns stem from the fact that data will be hosted off-site, on hardware over which individual users have no control. And there have been instances of security breaches, as well as government monitoring, which caused controversy in the market.

However, with intelligent systems in place, it is possible for the cloud to meet and exceed expectations of security, especially when compared with on-site setups, which can be just as vulnerable to exploitation.

Users remain biggest risk to cloud security

A new report published by CloudLock has concluded that it is the users of cloud services that are most likely to leave a particular platform vulnerable to security breaches, as opposed to the provider or the infrastructure on which a solution is based.

In fact analysts discovered that while the majority of users are relatively conscientious about the security requirements associated with using the cloud, a single percentage point of people is responsible for the problems faced by the modern marketplace.

This means that while plenty of businesses may be concerned about the impact that malicious third parties can have on cloud security, the reality is that it is more likely their own employees will be the cause of any breaches that do occur.

Part of the problem comes down to the fact that different users are provided with different levels of access and different privileges. This means some users can do much more damage than others, even if they are unaware of how dangerous their actions might be.

This is where the interaction between user vulnerabilities and malicious third parties come into play, because analysts argue that hackers are looking to exploit users with privileged access to enterprise IT systems via the kinds of phishing tactics that are common across the internet.

In many instances only a handful of users need to be tricked by hackers in order to provide access to private data and manipulating individuals is often easier than attempting to take on the significant security resources which cloud providers have at their disposal to prevent direct attacks from succeeding.

Businesses should ensure that employees are properly trained so that this kind of exploitation is less likely to occur. They should also deploy systems which can work out whether accounts are behaving as they should so that erratic activities and fraudulent use can be stamped out.