Cloud Cover Obscures Breach Vulnerability

Posted on  October 12, 2017

 

It is almost “old hat” for anyone to address the fact that computer systems and digital networks have inherent breach vulnerability.

With the ever-increasing use of the “cloud,” however, there seems to be a certain misapprehension that the cloud is some safe refuge that eliminates the risk of breach.

In fact, this false sense of security seems to imply that the cloud is some newly formed intangible safe haven that cannot be touched by us humans standing on planet Earth, much like the clouds in the sky. Furthermore, even if we were able to reach the cloud, we would not really have anything to hang onto, and as such, the cloud is the safe haven or “heaven” through which we are all safe.

Now for the harsh reality. Ultimately, data is stored on servers. The cloud is merely a set or an array of servers that are accessible to people irrespective of where they are, much like the clouds in the sky that can be seen by many people from many different places. Having said that, the cloud in which digital data is stored is still a physical server.

The advantages of cloud computing are that they store and are expected to protect massive amounts of data, and therefore, offer economies of scale as well as the ability to offer advanced and sophisticated protection from breaches at a lower price.

While the advantages of cloud computing are abundantly clear, we should never forget that the very advantage of massive amounts of data and economies of scale also create very large and potentially lucrative targets for hackers. David S. Linthicum, a consultant at Cloud Technology Partners, a division of Hewlett Packard Enterprise, advises that “cloud users themselves could make key mistakes in a single-tenant environment (hosting, for example), so applications running in the public cloud are not completely immune from breaches.”

If you are still of the belief that the larger you are the less likely you are to be hacked, you might want to Google Equifax. Obviously, it is not the only company that stores mass data that has been breached.

Ultimately, the more efficient and robust our digital data storage and transfer capabilities become, the more likely we are to be vulnerable to large and potentially devastating breaches.

HIPAA and HITECH seek to protect personal health information (PHI) and electronically stored personal health information (ePHI), while at the same time our healthcare system, with the encouragement of government, seeks interoperability of various healthcare providers essentially pushing healthcare into the cloud. In essence, these are two goals that are pulling in opposite directions. It will be interesting to see which side prevails in this tug-of-war.

In summary, when thinking of the cloud it is helpful to remember that oftentimes clouds lead to rain, rain leads to floods, and floods lead to damage. The same may be said about cloud computing.

What do you think?

 
Bookmark This Page

Comments 26

  1. Perhaps the greatest fundamental leap forward in medicine is the ability for “mass customization” of treatment options, each tailored to the individual, based upon a comprehensive, global data base of warehoused history that can be mined for data analytics. Input my and family medical history, symptoms, medications, lifestyle and diet, and all related information, and the recommended course of action will result from multi-variate statistical analysis the “finds” similar circumstances, what worked and what did not work.

    But as you point out, the “cloud” is in the mix for this technology to work. Privacy issues are at stake. Yet those whose business model is predicated upon guaranteeing privacy, e.g. Equifax, have proven that privacy is a chimera. It does not exist. It cannot be guaranteed. With enough time and effort, every firewall can be breached, every intranet of every individual and organization can be copied for whatever nefarious purposes hackers have in mind.

    The loose and unfettered nature of the internet has been a block of swiss cheese from the its nascent beginning, a sieve that served to make it easy for virtually anyone and everyone to find any information they might seek. If the foundation is on sand, so too will the shoring up of walls and adding storm screens prove almost useless when it comes to security and privacy.

    Two potential breakthroughs promise robust encryption. The first is quantum entanglement (https://phys.org/news/2017-06-big-scientific-breakthrough-sub-atomic-comms.html), and the second is the blockchain technology in cryptocurrencies such as Bitcoin (http://www.newsbtc.com/2015/07/23/using-blockchain-technology-for-secure-data-encryption/).

    But what we seek will have a dark side to it as well. For terrorists, criminals and the mafia will then be able confidently communicate and transact without fear of law enforcement detection. Indeed that is already the case with Bitcoin. So while we need a far sturdier and robust solution that virtually ensures privacy, in order to continue to move forward with medical technology, be careful what you wish for…because getting it may open another can of worms far worse than the benefits achieved…~r

Leave a Reply

Your email address will not be published. Required fields are marked *