Cloud Growing, Security Lacking

Tuesday, November 12, 2013 @ 11:11 AM gHale

Cloud usage is becoming more widespread, but as more businesses find their way out there, few actually go beyond the provider in terms of security measures, a new report said.

On top of that, even fewer seek heightened data protection because of concerns that usability and access to remote data would end up significantly reduced, according to the report from Georgia Tech.

RELATED STORIES
Machine Data Backup in Cloud
Cloud Security Draft Document
Cloudy Days Ahead: Business App Risks
Cloud Developers Close Security Holes

These concerns are among findings made by the Georgia Tech Information Security Center (GTISC) and the Georgia Tech Research Institute (GTRI) in the Georgia Tech Emerging Cyber Threats Report for 2014. The report released at the annual Georgia Tech Cyber Security Summit, a gathering of industry and academic leaders who have distinguished themselves in the field of cyber security.

“With recent revelations of data collection by the federal government, we will continue to see a focus on cloud security,” said Wenke Lee, director of GTISC. “But encryption in the cloud often impacts data accessibility and processing speed. So we are likely to see increased debate about the tradeoffs between security, functionality and efficiency.”

Encryption challenges were a focus at this year’s summit, which featured some of the nation’s top information security experts. These included keynote speaker Martin Hellman, professor emeritus at Stanford University and one of the inventors of public key cryptography, a way of securing communications without relying on pre-shared secrets.

In related findings, the report reveals security issues involving the “Internet of Things,” referring to the notion the increase of Internet-capable devices could create opportunities remote hacking and data leakage. With everything from home automation to smartphones and other personal devices being able to connect to the Internet, these devices will capture more real-world information and could permit outside parties, companies, and governments to misuse that information.

In the mobile space, even though designers of mobile devices and tablets developed a robust ecosystem to prevent large-scale device compromises, the report found the threat of malicious and potentially targeted use remains. Earlier this year, researchers at Georgia Tech reported they found ways to bypass the vetting process of Apple’s App Store and subsequently showed how malicious USB chargers can infect Apple iOS devices.

“No matter how successful we have been, black hat operatives will continue to attack infrastructure at every angle possible, making cyber security a global issue for years to come,” said Bo Rotoloni, director of GTRI’s Cyber Technology and Information Security Laboratory (CTISL). “We must remain vigilant. The purpose of this Summit and Report is to raise awareness, create educational opportunities and maintain an ongoing dialogue among industry, academia and government.”

Click here to download the report.



Leave a Reply

You must be logged in to post a comment.