Skip Links

The 3 biggest threats to your cloud data

By Rob May, CEO, Backupify, special to Network World
December 10, 2012 10:47 AM ET

Network World - This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.

Any horror movie fan can tell you the scariest threats are the ones you don't see coming, and the same is true when it comes to threats to cloud data. IT has decades of experience protecting on-premise resources. Virtually no one has even one decade of experience running major SaaS applications, so we should be prepared for some surprises.

The risk vectors described here are perhaps the three most dangerous threats to your SaaS data, precisely because so many IT pros aren't prepared for them:

* Zombie accounts. Zombie accounts are those accounts that are no longer in use, but haven't been suspended, deprovisioned or deleted. When a sales rep leaves, the admin locks the user out of the account but never follows up to actually delete the account. The danger with zombie accounts is that, if they are compromised, no one is watching them. A subverted zombie user could steal, corrupt or delete data well before anyone is the wiser.

CLOUD DATA MANAGEMENT: Amazon wants to manage your data in the cloud

Many SaaS admins assume they aren't sitting on any zombie accounts because SaaS apps usually charge on a per-user basis, so anytime the admin receives a bill, the zombie users would stick out and demand to be deleted -- if only to recover the license fee.

Not so. Some SaaS apps only bill on an annual basis, rather than monthly or quarterly. SaaS providers offer this billing option to support large organizations because big companies usually budget on an annual basis. As such, you have the deadly combination of a company with a large number of users within which a zombie account can hide, and a billing cycle that could keep a zombie account unnoticed for as long as 11 months at a time. That's scary.

Zombie account defense: Eliminate them before they turn. Delete inactive accounts as soon as they have outlived their usefulness.

* Rogue users. User error is always one of the top two causes of data loss for any application, cloud-based or otherwise. This is because software has no way of distinguishing between legitimate and illegitimate commands. One slip of the mouse and a Copy command becomes a Delete command. Simple user mistakes cause between one-third and two-thirds of all data losses. That's scary enough, but those numbers only describe the damage inflicted by accident.

Now imagine what a rogue user -- one who is intentionally trying to cause damage -- could do to your cloud data. Authorized users are, by definition, allowed inside your SaaS application's defensive perimeter. Disgruntled employees can be your worst nightmare, as these users can do every bit as much damage as a compromised zombie account but with the added threat of knowing exactly where to look for valuable data.

Rogue user defense: Trust no one (more than you have to). Most SaaS applications offer some degree of tiered access privileges. Never grant anyone more access than they need.

Our Commenting Policies
Cloud computing disrupts the vendor landscape

 

Latest News
rssRss Feed
View more Latest News