Blog

415 IT Blog

415 IT has been serving the San Rafael area since 2005, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses

How Will the Regulations Surrounding the Cloud Continue Shifting?

How Will the Regulations Surrounding the Cloud Continue Shifting?

Cloud computing is a major growth industry as businesses and individuals look to use the computing strategy to either save money or get resources that they would typically not be able to commit to. With cloud computing becoming more and more integrated into business each year, it stands to reason that the once Wild West of cloud computing would start to see a lot more regulation. This week, we’ll take a look at how the cloud is regulated and what to expect out of cloud regulation down the road. 

The Wild West

The cloud has been growing for years. Currently it is a $450+ billion market that is growing at over 13 percent annually. That’s a massive increase. All this tells you is that it is quickly becoming the priority computing model for businesses and individuals of all types and sizes. This rapid growth has started to gain the attention of lawmakers who are looking to rein in the growing power technology companies are accruing. 

Recent events have made this relationship even more tenuous. The cloud, for all of its benefits, has had a checkered security history; and due to the reliance that organizations have on cloud computing, it has perked the ears of regulators that expect that these computing structures be extremely secure; a problem that has long been identified by IT security experts.

Cloud Security

The current regulatory landscape doesn’t currently have many mandates on it. Cloud providers like Amazon, Google, Microsoft, and Oracle have basically operated with very little governmental oversight. The same can’t be said for the users of cloud computing, who by-and-large all have some semblance of regulatory concerns. This creates a gap between what the cloud providers do in terms of cybersecurity, and what is the onus of the end user. Of course, regulators want to see the organizations raking in the huge profits from the use of these services do more, and that’s where this battle begins. 

The main point of contention seems to be that, since so many organizations rely on these cloud platforms for their central computing needs, that if full-scale regulation were to happen quickly, it could create problems for providers and thus have major effects on the economy. It stands to reason that regulation happens at some point, but many people in the industry are stumping for a more “light touch” approach, as the laissez-faire approach doesn’t really work for the national security of systems that are crucial to the sustainability of the world economy. 

Shared Responsibility

With security seemingly the hot-button issue, it’s important to understand where most of the cloud’s security comes into play. The provider is responsible for the security of the underlying infrastructure, while the customer is responsible for the security of their own digital resources. This can get a little hairy in terms of overarching regulation, as there are several issues that need to be addressed in order for both parties to keep their computing secure. They include:

  • Larger attack surfaces - With more publically available surface area to your organization’s data (from use of shared physical resources), there is simply more that can go wrong.
  • User error - With phishing attacks being the predominant way hackers gain unauthorized access to computing resources, the end user becomes the choke point for your organizational cybersecurity.
  • Poor configuration - The less care that is taken when setting up public cloud resources, the more apt they are to be insecure. 

Regardless of how your organization will be impacted by the incoming regulation of cloud services: Rest assured it is coming. Let’s look at a couple of actions you can take to improve your cloud security:

  • Deploy Multi-Factor Authentication - One of the best ways to secure your cloud endpoints is to enact a multi-factor authentication system. This system adds an extra step of security for any cloud-based resource, significantly reducing risk. 
  • Manage access better - Not all of your employees need access to every cloud resource, especially if you plan on hosting a cloud platform yourself. Doing your best to restrict cloud access to users that need it, can reduce exposure to potential security issues.
  • Train employees - Having a comprehensive security training program in place has been shown to cut your exposure to end-user risks by as much as 70 percent. 
  • Sufficiently monitor end-users - One of the best ways to determine if you have intruders in your network is to use technology to consistently monitor it to see who is accessing resources and when. Sometimes unauthorized access will come at unusual times of the day. 

The cloud is going through a lot of changes, and time will tell whether or not widespread regulation will be in the cards in the upcoming years. The only thing you can do is strategically enhance your security posture so as to not be caught off guard. If you would like to talk to one of our security professionals, give 415 IT a call today at (415) 295-4898. 

Are You Dealing with Toxic Productivity?
How to Squeeze Every Drop of Value from Your Busin...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Tuesday, 03 December 2024

Captcha Image

Customer Login

News & Updates

We are proud to announce that 415 IT and our CEO, Daniel Stevens, were recently featured by CIO Applications. We discussed how and why we serve our clients, as well as some sneak peeks for our future. Read our interview by visiting:  https:...

Contact us

Learn more about what 415 IT can do for your business.

415 IT
1299 4th Street Suite 305
San Rafael, California 94901

Copyright 415 IT. All Rights Reserved.