How Safe and Secure is Cloud Computing?

© Tomasz Zajda - Fotolia.com
© Tomasz Zajda – Fotolia.com

These days, it seems that a week does not pass without some well-publicised hack or leak on the internet featuring in the news. From celebrities’ private nude photos to film scripts, from private messages to even complete films themselves, everything stored on the internet seems to be vulnerable to being copied or stolen. But is Cloud Computing really as unreliable and untrustworthy as all the headlines suggest?

What is Cloud Computing?

Cloud Computing is a useful function for all those who create, manage or want to share electronic documentation or content. Traditionally, computing was predicated on the power and the capacity of a user’s own computer, which was used to store and run computer programs as well as the output of those computer programs, whether they be word processed documents, spreadsheets, videos or audio. However, over the last 5 years or so, the way people compute has been radically changed via the internet and the popularity of mobile or portable devices.

The idea that someone would have just one device from which they would run programs or access the internet (for either personal or professional reasons) is antiquated. People now have very powerful computers on their person in the form of mobile phones or tablets, which are just as likely to be used for computing as the desktop or laptop that is based back in their office. The way people need to access or create information has changed, and computing has changed to adapt to these new needs.

Cloud Computing is the solution to a person’s modern computing needs. Rather than storing information on one device, or having to install and run a computer program on a particular computer, people access information and software that is stored and run remotely on the internet itself. This liberates people to work from a variety of locations and also to work on a variety of devices. Cloud computing has also opened up new avenues of collaborative working (two or more people can work on the same document at the same time, for example) and has speeded up file sharing with colleagues through services such as Dropbox or Google Drive.

Cloud Computing is a powerful, arguably essential, feature of the modern workplace that has speeded up processes and liberated work practices. It is therefore inevitable that the more widespread a new technology is adopted, the more likely its flaws are going to be highlighted or publicised and potentially exploited. But just how much at fault is Cloud Computing itself, given the recent scandals? 

Nothing is 100% secure or impenetrable

Any security system, by being a human creation, will have fallibilities and weaknesses. There is also a trade-off between ease of use and access on the one hand and the security and privacy offered by such systems on the other. In theory, most computer programs could offer an indefinite series of passwords or security features, but too many would make such computer programs unusable and highly frustrating for day-to-day use. It is this trade-off that encourages users to take shortcuts or to disable security measures with Cloud Computing, and it is this that puts people’s data at risk, not the concept of Cloud Computing itself. 

The majority of Cloud Computing scandals are due to criminal activity, user naivety or user carelessness

It is the way that most users approach Cloud Computing that can create vulnerabilities, rather than Cloud Computing being inherently vulnerable in itself. By creating a daisy chain of computer programs that access the same information from the same online Cloud source, a user is potentially creating many additional points of vulnerability, which would not exist if they were using just the one dedicated Cloud Computing program for one particular purpose.

A recent case in point is the well-publicised revelation that Snapchat messages had been stored somewhere else and have now been leaked online for all to see. Snapchat is a messaging application that offered the promise of privacy; unlike an e-mail or normal text message, any text, photo or video sent to a recipient would automatically be deleted after having been read, in a manner not too dissimilar to the mission briefings in “Mission: Impossible”. Obviously, the news that Snapchat messages were not being deleted and were being stored is both potentially disastrous for both the user and for Snapchat. However, it has since been revealed that Snapchat is not to blame; the security breach only affected those Snapchat users who had installed and used another third-party application that interacted with the Snapchat app. In other words, if users had not attempted to tinker or customise Snapchat itself, their messages would still have been safe and secure.

This highlights that the main risk of Cloud Computing is the naivety of users as to how it works and how it should be configured. If you are looking to safely store your information, be aware of how your information is being stored in the first place, where it is being stored and how it can be accessed. For example, the recent cause célèbre of nude celebrity photographs being leaked on the internet occurred because many of the celebrities involved were simply unaware that the photos that they took with their internet-connected mobile devices were automatically backed up to their iCloud accounts. This is unfortunate naivety about a feature that is there to benefit users of the Cloud; if your mobile device were stolen, you would still have your photos backed up on a remote account.

But in the case of the celebrity nude photos, naivety is only half the answer. In many instances, their accounts were hacked by dedicated fans and disgruntled former employees, who either figured out the celebrities’ passwords (i.e. trawling interviews for the names of pets, for example) or were privy to the account details in the first place. Although the celebrities were both naïve and a bit careless about their security details (people should change their passwords on a regular basis), they were ultimately the victim of criminal activity. People logged on to those celebrities’ Cloud accounts without permission and with malicious intent, and people should not lose sight of that fact. 

So the Cloud is not secure then?

Not so; the Cloud is secure or as insecure as your own understanding and your interactions with it make it. In all the examples above, there was a perfect storm of user naivety, user carelessness and malicious intent. By tackling any one of those three issues, you make your own Cloud Computing experience immediately more secure. You can’t remove the threat of malicious intent in others, but you can certainly make sure that you fully understand your Cloud provision, which programs have access to it and how they access it. By doing so, you make Cloud computing as safe as any other form of storage.

Even the most secure banks, vaults and museums get burgled occasionally, and it is unrealistic to expect Cloud Computing to be 100% infallible. However, by having a full understanding of how you use it and what security you can put in place, you will ensure that the risk of a breach of your Cloud storage is not inadvertently increased by your error or your own misunderstanding of the technology.