Countering cloud computing threats

Share this article:

Technology such as two-factor authentication systems, when married to encrypted VPN connections, can secure an internet connection into a cloud computing-based service.

That's the verdict from the Information Systems Audit and Control Association (ISACA), which concludes that using such techniques would tend to make interception of files and transmissions almost impossible.

Sarb Sembhi, president of the ISACA London Chapter, said, "While there is no such thing as a totally secure system, especially a system that is accessible across the internet, our belief is that, with the right technology, the new generation of cloud computing system can be made as secure -- if not more secure -- than existing server-based office systems."

In a poll earlier this year, ISACA found that information security management, along with regulatory compliance and the challenges of managing IT risks, were uppermost in members' minds when it comes to security.

Sembhi said: "…early examples of this technology, such as the simple web-based email services offered by Google and others, are difficult to secure when using standard web interface, but ISACA believes that, with the right technology, these problems can be solved.

Cloud computing security issues were highlighted by U.S. military academy professor Greg Conti at the recent Defcon security convention in Las Vegas.

According to Conti, "The information we are all giving to online companies is massive and dangerous and [security's] going to get worse before it gets better."

 

 

Share this article:

Sign up to our newsletters

More in News

Errors in ZeroLocker means paying ransom may not decrypt files

A piece of ransomware known as ZeroLocker contains various errors that may prevent files from being decrypted even if the ransom is paid.

Rogue AV scammers find success with new tatics

Although the number of rogue anti-virus malware campaigns have decreased overall, the threat isn't totally gone, according to researchers at Microsoft.

Medical transcription provider settles data security charges

GMR Transcription Services in California agreed to settle FTC charges related to its security practices.