Businesses are reaping the benefits of cloud services, but less has been said about the risks of data sharing technology

Cloud computing

The cloud is taking over the data stor­age world with more than 90% of busi­nesses globally storing some of their most valuable intellectual property on these virtual technologies. The benefits are plentiful. They are cost-efficient, offer unlimited storage, and enable fuss-free remote working and improved collaboration, to name but a few. But its popularity is exacerbating technology-related risks.

Topping the risk register are concerns around corporate data loss and the reputation risk that stems from it. Next to follow are supply chain threats and human risks, accord­ing to risk managers of FTSE-listed companies at a recent SR100LIVE roundtable, held in London.

The biggest barrier, however, is lack of understanding of the cloud and its extent in the organisation. Risk managers who attended the roundtable admit they are struggling to grasp the basics of how the cloud is deployed in their businesses, let alone begin to manage the risks linked to this new technological world.

And it is about to get more challenging, as the cloud’s unprecedented boom shows no sign of slowing.

Businesses are expected to spend $127bn on public cloud computing services by 2018. Blue-chip internet retailer Amazon wants a piece of the action, having launched Amazon Web Services in 2006, a business, it says, would gen­erate $1bn of profits in 2015. This may well be the case, with a client portfolio that includes Adobe, Nokia, Samsung, Expedia and AirBnB.

Google has also moved into the cloud-com­puting world, putting into action a bold plan to overthrow Amazon Web Services, with its public cloud service launched in 2010. PwC, Coca Cola, General Mills and HTC, among others, have all signed up to Google’s services.

As users have easier access to data, incidents of data losses can occur at a moment’s notice and involve vast amounts of confidential infor­mation. Data breaches are also becoming pro­lific. One recent incident saw the private medi­cal records of 1.5 million US citizens exposed. The incident involved a small claims manage­ment software provider, Systema, whose client data was breached. In a statement, the software company said “a single individual gained unap­proved access” into its data storage system.

Chris Vickery, a technology enthusiast, dis­covered the sensitive information after investigating hearsay of data dumps in the cloud. The information “kind of fell into my lap” Vickery was reported as saying. The infor­mation was “left visible” due to mistakes from Systema’s contractors, reports say. Whether the breach was intentional or not, Systema has been criticised for failing to secure and protect its clients’ data.

A bigger problem, however, is managing or preventing reputational damage owing to such exposure. The Cloud Security Alliance (CSA) recently surveyed its members about the top cloud concerns. Loss of reputation and trust was top of the list, closely followed by financial loss and loss of the data itself. Although exter­nal hackers and disgruntled employees hit the headlines, data loss is more probable because of users’ negligence or misunderstanding of the risks involved.

These issues, among others, formed the basis for discussion at StrategicRISK’s SR100LIVE roundtable. Although the risks – and under­standing them – are prime challenges, the gen­eral consensus from the table is that companies need a clear framework to ensure its employees and sub-contractors have adequate systems and training to safeguard company data.

To read more about cloud-related risks, click here