Hacking attacks reminder for data caution in cloud computing

Back to TopCommentsE-mailPrintBookmark and Share

Hacking attacks against Sony and other companies in recent months have a cloud hanging over cloud computing—the hot trend of storing data on remote servers and accessing it through the Internet.

“It sets everybody back,” Pat O’Day, chief technology officer for infrastructure-as-a-service company Bluelock, said of the spate of high-profile data breaches. O’Day was among panelists in a TechPoint discussion session June 3, hosted at Barnes & Thornburg’s offices in downtown Indianapolis.

Many of central Indiana’s rising stars in information technology develop software and provide it through “the cloud,” in what’s known as software-as-a-service. The still relatively young business model is growing popular in part because it frees businesses from the cost and trouble of hosting and updating software on their own servers.

Panelists said businesses can plan now to take steps to minimize effects of a potential breach in their data.

Roy Hadley Jr., a partner in Barnes & Thornburg’s Atlanta office, told of receiving a phone call from a client who said an employee retrieving data via the cloud instead received a competitor’s data. “He asked me, ’What do we do?’”

Hadley replied: “Are you sure competitors aren’t able to access your data?
“There was silence on the other end of the phone.”

The cloud is here to stay and businesses should embrace the efficiencies it can bring, Hadley said. On the other hand, he challenged them to consider whether it might not be appropriate to place their “mission-critical” applications on public servers.

With data storage costs falling, companies are lulled into letting years of data or e-mails pile up, which could worsen a breach.  In other words, a company likely would be better off if just three months of e-mails or data were lost versus three years' worth.

“The time to think about what you’d do is beforehand,” Hadley added.

Companies need to have data policies clearly defined upfront, said Rod Rudd, practice director of cloud computing at MMY Consulting Inc. in Indianapolis. Rudd is a Google-certified deployment specialist for Internet-delivered Google Apps for business.

Even if a company’s data hosted on the cloud are secure, the threat remains that a company’s own employees who access it could be a weak link, a problem that predates the rise of the cloud, noted Rudd.

For example, he noted how data became vulnerable when companies increasingly placed information on laptop computers that could be lost by employees. These days, thumb drives can hold massive amounts of data and they’re even easier to lose.

“We’ve had this whole evolution of losing corporate data,” Rudd said.

Even as companies worry about the security of the cloud, “always think about the human element” as well, Hadley concurred. “Be proactive. You’d be surprised how people out there are trying to access your data.”

Bluelock’s O’Day urged companies to look carefully at the degree to which cloud vendors offer guarantees in their service-level agreements with clients.

Not only did Sony’s PlayStation Network this spring lose personal customer information to hackers, but a hacker group last week claims to have accessed personal information of more than 1 million users of SonyPictures.com.


  • Clouds no panacea
    We've seen cloud computing promoted before: it was call ASP (Application Service Providers) in the 80s.

    I just participated on a panel on virtual law practice issues at last week's Indiana State Bar Solo and Small Firm Conference. You'll find my presentation note here: https://sites.google.com/a/kimbrand.com/inbarvirtualpractice

    The delivery of web services is a highly scalable business model - and it's easy to see why vendors race to attract customers: it is very profitable.

    My company makes an on-premise server priced like a cloud service - I like our chances.

    What cloud services have really economized is the delivery of service. Not exactly a new idea as a plan to make more money.

    Kim Brand
    Server Partners, LLC

Post a comment to this story

We reserve the right to remove any post that we feel is obscene, profane, vulgar, racist, sexually explicit, abusive, or hateful.
You are legally responsible for what you post and your anonymity is not guaranteed.
Posts that insult, defame, threaten, harass or abuse other readers or people mentioned in IBJ editorial content are also subject to removal. Please respect the privacy of individuals and refrain from posting personal information.
No solicitations, spamming or advertisements are allowed. Readers may post links to other informational websites that are relevant to the topic at hand, but please do not link to objectionable material.
We may remove messages that are unrelated to the topic, encourage illegal activity, use all capital letters or are unreadable.

Messages that are flagged by readers as objectionable will be reviewed and may or may not be removed. Please do not flag a post simply because you disagree with it.

Sponsored by

facebook - twitter on Facebook & Twitter

Follow on TwitterFollow IBJ on Facebook:
Follow on TwitterFollow IBJ's Tweets on these topics:
Subscribe to IBJ
  1. I took Bruce's comments to highlight a glaring issue when it comes to a state's image, and therefore its overall branding. An example is Michigan vs. Indiana. Michigan has done an excellent job of following through on its branding strategy around "Pure Michigan", even down to the detail of the rest stops. Since a state's branding is often targeted to visitors, it makes sense that rest stops, being that point of first impression, should be significant. It is clear that Indiana doesn't care as much about the impression it gives visitors even though our branding as the Crossroads of America does place importance on travel. Bruce's point is quite logical and accurate.

  2. I appreciated the article. I guess I have become so accustomed to making my "pit stops" at places where I can ALSO get gasoline and something hot to eat, that I hardly even notice public rest stops anymore. That said, I do concur with the rationale that our rest stops (if we are to have them at all) can and should be both fiscally-responsible AND designed to make a positive impression about our state.

  3. I don't know about the rest of you but I only stop at these places for one reason, and it's not to picnic. I move trucks for dealers and have been to rest areas in most all 48 lower states. Some of ours need upgrading no doubt. Many states rest areas are much worse than ours. In the rest area on I-70 just past Richmond truckers have to hike about a quarter of a mile. When I stop I;m generally in a bit of a hurry. Convenience,not beauty, is a primary concern.

  4. Community Hospital is the only system to not have layoffs? That is not true. Because I was one of the people who was laid off from East. And all of the LPN's have been laid off. Just because their layoffs were not announced or done all together does not mean people did not lose their jobs. They cherry-picked people from departments one by one. But you add them all up and it's several hundred. And East has had a dramatic drop I in patient beds from 800 to around 125. I know because I worked there for 30 years.

  5. I have obtained my 6 gallon badge for my donation of A Positive blood. I'm sorry to hear that my donation was nothing but a profit center for the Indiana Blood Center.