Twitter hacking shows lack of security in cloud computing according to commentators
Steve Moyle, co-founder and CTO at Secerno, claimed that the incident appeared to be a security failure in the cloud. Moyle said: “Cloud is no more secure or less secure than any other environment, and what happened at Twitter could have easily occurred in a traditional implementation.
“This breach indicates, at the very least, that traditional password protection practices were not being followed. This is not surprising considering the stress placed on current IT budgets that results in security updates and practices being delayed. For every organisation that holds information that could be deemed embarrassing if made public, Twitter serves as reminder that open does not mean secure and the protection needs to come from providing the care at the level of the data itself.”
Andy Cordial, managing director of Origin Storage, claimed that the news comes as no surprise as many IT staff and managers are being pushed into adopting cloud computing services on a fast track basis.
Cordial said: “Our observations suggest that a number of companies and their staff are being forced down the cloud computing route and are having to adapt their IT security systems on the fly.
“We have had concerns about this rate of change in the business sector for some time and, with all the data breaches occurring on the cloud front, it's obvious that the chickens are now coming home to roost.”
He also added that adding encryption to a company's data storage, whether in the cloud or not, will ensure that data at rest, as well as on the move, is protected from prying eyes.
Cordial said: “Applying effective security is all about planning and then applying that planning, backed up by a set of solid security policies with encryption at its heart. If Twitter had had this strategy operating at all levels of its hierarchy, rather than apparently going for user growth at any cost, it wouldn't be in the embarrassing situation it is now.”
Neil Fisher, vice president of global security solutions at Unisys, claimed that the main challenge faced by organisations operating in a cloud computing environment is the ability to provide full security for all data.
Fisher said: “As more high-profile security breaches dominate the news, consumers are becoming increasingly concerned about whether social media sites, or any businesses that operate in the cloud for that matter, are able to protect their data.”