Countering cloud computing threats

Share this article:

Technology such as two-factor authentication systems, when married to encrypted VPN connections, can secure an internet connection into a cloud computing-based service.

That's the verdict from the Information Systems Audit and Control Association (ISACA), which concludes that using such techniques would tend to make interception of files and transmissions almost impossible.

Sarb Sembhi, president of the ISACA London Chapter, said, "While there is no such thing as a totally secure system, especially a system that is accessible across the internet, our belief is that, with the right technology, the new generation of cloud computing system can be made as secure -- if not more secure -- than existing server-based office systems."

In a poll earlier this year, ISACA found that information security management, along with regulatory compliance and the challenges of managing IT risks, were uppermost in members' minds when it comes to security.

Sembhi said: "…early examples of this technology, such as the simple web-based email services offered by Google and others, are difficult to secure when using standard web interface, but ISACA believes that, with the right technology, these problems can be solved.

Cloud computing security issues were highlighted by U.S. military academy professor Greg Conti at the recent Defcon security convention in Las Vegas.

According to Conti, "The information we are all giving to online companies is massive and dangerous and [security's] going to get worse before it gets better."

 

 

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

President signs Executive Order to improve payment security

President signs Executive Order to improve payment security

President Obama signed an Executive Order at the Consumer Financial Protection Bureau calling for enhanced security measures, including microchips and PINs.

Security, tech firm coalition fights Hikit actors, other advanced groups

Security, tech firm coalition fights Hikit actors, other ...

The coalition began as an effort to stop the spread of the Hikit trojan, previously known for targeting U.S. defense contractors.

Phishing email delivers keylogger malware, also takes screenshots

Phishing email delivers keylogger malware, also takes screenshots

The malware has various features, including the ability to start persistently, take screenshots and bypass user access controls.