Essential Guide

Combat the latest cloud security challenges and risks

A comprehensive collection of articles, videos and more, hand-picked by our editors
Problem solve Get help with specific problems with your technologies, process and projects.

Creepy cloud horror stories to keep IT up at night

With Halloween creeping in, cloud expert David Linthicum shares three cloud computing horror stories -- and advice for not finding yourself in one.

Ghost stories are playing non-stop on TV and it's almost mandatory you visit a pumpkin patch. Yes, it's that time...

of year again -- Halloween is right around the corner.

But scary stories are not just fodder for campfires and the big screen. Enterprise IT departments, in particular, are no stranger to nightmares -- especially when it comes to cloud computing.

Here are three cloud horror stories to send chills down IT's spine.

Invasion of the data snatchers

We've all heard about the data breach horror stories at Home Depot, Target and Sony, but what about the attacks that go unreported? Enterprises experience ongoing attacks and have to be proactive to keep up their defenses. This includes constantly patching firewalls and updating encryption, as well as disallowing access from a growing list of IP addresses.

Of all the cloud horror stories IT has to deal with, data breaches are the most terrifying. They are also the reason many enterprises illogically push back on public cloud. But, on the other hand, organizations can't take cloud security lightly. In one recent cloud horror story, an enterprise had its data hacked by a file sharing provider, who took customer lists and credit card data. The incident had to be reported and, while the damage was minor, it took the wind out of the company's cloud computing sails.

If enough planning and technology go into the mix, the cloud can be more secure than any on-premises system. But without taking proper measures, this cloud horror story will become all too real.

A case of the compliance chills

In another spooky tale, IT realizes that business departments have taken matters into their own hands and placed data in the cloud. Through compliance research, IT then discovers the data was not allowed to leave the enterprise firewall. The company is audited, fined and has to launch a million-dollar PR campaign to restore customer confidence.

While you don't need a huge team of lawyers to determine data compliance requirements for your industry or region, you do need to pay attention. IT should inform everyone who uses public cloud to consider compliance -- or risk hefty fines and a PR mess.

Ghost clouds lurking in the shadows

One enterprise IT shop that thought it had things under control found that about 10% of its data was in the cloud. Turns out, business departments had provisioned and accessed cloud resources without IT's knowledge or approval. And IT did not understand the issue until it scanned the network for the presence of these "ghost clouds."

As a result, IT had to seek leadership's support to restrict the use of rogue clouds for data storage or other purposes. The business departments then argued that the reason they spun up the cloud services was that IT was too slow to respond to their needs.

IT pros need to understand that this chilling tale is not about control; it's about speed-to-solution. IT should use cloud, or any other technology, to provide the business with answers, not excuses. And until that happens, cloud horror stories will persist.

We all need to be proactive to keep the horror in Hollywood. Now is a good time to take a closer look at compliance issues, the state of your security and ghosts in the cloud.

Next Steps

Waking up from cloud security nightmares

Controlling shadow IT in hybrid cloud

Learn IT's part in cloud compliance

This was last published in October 2015

PRO+

Content

Find more PRO+ content and other member only offers, here.

Join the conversation

5 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

What cloud nightmares have haunted your organization, and how did you put them to rest?
Cancel
These are some good points that everyone should consider before putting anything in the cloud. I think that’s also the problem - in the rush to move things to cloud organizations (or parts of organizations) don’t do their due diligence.
Cancel
Excellent blog
Cancel
The common thread to all these stories is that it's not really the cloud itself that's to blame -- it's the lack of policies and procedures, or the lack of people following them, rather than any flaw in the technology itself. You could replace "cloud" with "cellphone" or any number of other technologies and have the same problems.
Cancel
Thanks for sharing. Good case studies for staying secure and efficient when using the cloud.
Cancel

-ADS BY GOOGLE

SearchServerVirtualization

SearchVMware

SearchVirtualDesktop

SearchAWS

SearchDataCenter

SearchWindowsServer

SearchCRM

Close