Apples to Apples Wozniak on Cloud Security
The cloud is an easy mark for security concerns with some or all of a company’s data residing somewherebeyond the local server stack, both IT administrators and managers often get nervous about how much risk they’re taking on. Cloudproviders have fought hard to correct this perceived defect, but may have a tougher time now that Apple co-founder Steve Wozniak has voiced grave concerns about the future of cloudcomputing.
A recent Digital Journal article talks about Wozniak’s view of the cloud, informed in part by the recent hacking of a writer for Wired, Mat Honan. Honan’s Amazon account was compromised, then his Apple ID, which in turn allowed hackers to wipe his iPhone, iPad and MacBook. The hackers then took control of his Twitter account and used it to post offensive material; Honan was able to get in contact with one of the hackers through another Twitter account and learned just how easy it had been to access all of his accounts once one had been breached, as they had been daisy-chained together with similar reset password email addresses. Wozniak’s view of the matter is fairly dismal: with the cloud, you don’t own anything. You already signed it away, and he warns that I really worry about everything going to the cloud. I think it’s going to be horrendous.
This is quite the doom and gloom prediction from one of the worlds technology gurus, but is the great and powerful Woz right? Should businesses fear cloud computing and cling tight to the world of hard drives and physical servers?
Yes and no. It’s all a matter of degree; some cloud providers will try to hard-sell an all or nothing paradigm but the true strength of the cloud lies in its flexibility. As evidenced by Wozniak’s comment and the hacking example above, security issues absolutely exist in the cloud. That doesn’t make it a minefield businesses should avoid at all costs, however, just an adolescent technology that needs time to grow. Instead of looking at cloud computing as the only way forward, businesses can start instead by moving a few non-critical applications to a public cloud or consider implementing a private cloud if more control is needed. There’s nothing wrong with keeping a physical hard drive running or a backup server spooled up with mission critical data just in case something goes wrong, but a knee-jerk reaction, even to comments from Wozniak, won’t do an IT admin any favors.
Everything in moderation is good advice in life; it’s also good advice when it comes to the businesscloud. With its scalability, agility and redundancy there’s no reason for complete cloud avoidance, but putting everything into the cloud because it’s the newest technology on the block doesn’t make any sense either. Though Wozniak makes good points, and there’s clearly room for growth in the cloudsecurity industry, small steps in skyward can still yield big benefits with the right oversight from IT professionals and the backing of a solid provider.