Hackers and the Cloud

There are a variety of reasons someone might be hacking your information, with any Cloud service there is going to be a wealth of data. Remember, whatever your reason for choosing one Cloud provider over another, other people are likely making similar choices for similar reasons. In addition, with more and more people moving their data to the Cloud, the increase in payoff for the hacker attracts more sophisticated hackers. Hackers will use a number of entry points to get into the Cloud provider. A lot of the vulnerabilities are in the interface between you and the Cloud provider. A Cloud service should be using the most sophisticated techniques to secure your data on their end. But remember that an API gives access to the server, in limited formats, to any one using the UI or API.

An API, or Application Programming Interface, is is similar to a UI, or User Interface. Though often used similarly, the two can offer varying services depending on who is using the term. An interface is the way a user interacts with some program or programs; an API provides access to the service. It is a program that you can operate from a remote location. This interface provides a key security loophole that can be exploited because the Cloud provider is giving access to the user. It can seem an obvious problem, and in some respects it is, in addition some API’s give access to the Cloud customer’s customer. Some companies or individuals are using Cloud services to offer back up and security to their prospective clients.

There is no one-step way to prevent hackers, a lot depends on the systems you are using. For every system there are going to periodic vulnerabilities, but staying up to date with the latest patches for your software is important. Researching known vulnerabilities is also important. There are various companies which you can hire to keep you abreast of vulnerabilities and problems that occur.

A lot of Hackers are increasing their efforts towards spear phishing, spear phishing is a way to find out passwords or answers to security question through indirect means. After discovering who has access, a hacker will look through public information about that customer, and even a username that might be given away by the employee. The most basic thing you can do to thwart hackers is to educate your employees on the various threats to security. What could seem like an innocuous question, or email attachment, can very well be the opening to an attack. The basics are simple, verify everything. If you aren’t sure of the website, or an email attachment, then do a little research into it. Perhaps you are getting a call from someone saying they are a provider; find out for sure by calling them back.

Hackers have a variety of reasons to get your information, sometimes to sell it to other hackers who can use your usernames and passwords to log into other sites. Suffice to say, this information is becoming more and more of a commodity it our markets. And as long as there are people who want that information, a burgeoning blackmarket for information will develop.

The difficulty is that this is all going on behind the scenes. You may have been hacked and not even know it, yet identifying what information was compromised, and the weak point in your system that allowed for the breach, is a crucial part of keeping a competitive edge in the world today. A lot of the prevention can seem vague or unnecessary to keep your data safe, but it is vital to understand security and your Cloud provider.

Interoperability and Cloud Services

Interoperability in a general sense is the ability of an infrastructure to be able to connect and communicate with another structure without something translating, or restricting access. It is designed for a service to be formatted to allow cross-platform communication, in simpler terms. Word and Pages were not always interoperable, but rich text formatting was interoperable between the two. The ability for data to be moved from one format to another without a middle man is a key element. The other element for many service providers is access, if their product would be the dominant culture. The dominant cultural product would want to restrict certain information to maximize their products capabilities. So for something to be interoperable the data must be easily moved, and all of the data must be available; which is difficult for businesses to manage.

Each Cloud Service is going to want to showcase a unique product to their customer base. Essentially they will want to carve out a niche, if not become the primary provider; to do that they need to have a unique and powerful offering.

For a Cloud provider to be able to distinguish their service from others is paramount to be able to thrive in this new culture. With most new industries there is a relatively massive push and pull between different standards. Like the classic examples of Apple and Microsoft or even VHS and Betamax; this polar competition is a rough approximation to the standardization issues in interoperability of Cloud Services. In he Cloud world there is a much larger variety of services, even types of services, but the nitty-gritty of the issues is a need for a company to distinguish themselves amongst their competitors.

The vendor of a particular Cloud service may feel that they have a nifty offering, and they wouldn’t want to create an inferior product to meet an industry standard. Now if there ever is an industry standard, each company will have to decide if portability of offerings is necessary for them to compete with other services. They will be deciding between the particulars of their offering and the offerings needed to port from their competitors. But being able to move from a competitor also means the ability for their customers to move to one of their competitors. Not surprising the ability for your data, software, or platform to communicate and integrate with other services is the main difficulty with moving it. Portability is the ability to port or move your data from one system to another, not surprising the main issue with portability is interoperability. I am using data in a very general sense, it can mean literally the information stored on an Saas system, or the programs that are stored in a Paas system, for instance. The interoperability of your data wedges into this issue of porting information from one system to another. There are strides being made into interoperability, a growing desire from parts of the industry to have a standard to ease interoperability.

As a vendor of a Cloud service you have to consider whether you are utilizing the best practices as well as what is good for your company. Your company may be able to beat out competitors by having the best services provided and then the adoption of a standard set of services necessary for interoperability might cut down on the services offered. A company could end up giving a competitive edge over in search of complying to an industry standard. So, the need to be interoperable is not a task to consider lightly. There are many standardizations that would be good for a consumer but not necessarily for a vendor.