Research by Charles Sturt University finds that organisations are not making sure their data is safe, when selecting an overseas Cloud Computing provider. Dr. Zia says “privacy concerns were not as strictly adhered to as they were in Australia, and that cost was a main driver for cloud computing adoption.” Scary stuff! Better to go with an Austalian Cloud provider?
LOCAL organisations are trading cost over security by using offshore cloud providers, a security expert has warned.
Despite the rapid adoption of online services and cloud computing, security threats are not decreasing.
A study by researchers at Charles Sturt University found many organisations were moving swiftly to the cloud without making sure the information they put there was secure.
CSU school of computing and mathematics senior lecturer Tanveer Zia took part last year in a study of cloud computing service providers in India.
Dr Zia, a pioneer of CSU’s Information and Communications Technology Security Research Group, said the research found security controls used by offshore cloud providers were not up to international standards.
He said privacy concerns were not as strictly adhered to as they were in Australia, and that cost was a main driver for cloud computing adoption.
Dr Zia said there was no exact data on how many Australian organisations used overseas-based cloud-computing providers, but outsourcing was a widely adopted trend.
He said organisations could take advantage of cloud services from other countries at a fraction of the cost in Australia.
In many cases, data transmission from India to Australia were cheaper when compared with data transmission within Australia.
The 40 organisations involved in the study provided services to most Western nations, including Europe, the US, Australia and New Zealand, but not many wanted to know, or were aware of, what sort of security methodologies they had adopted, Dr Zia said.
Some service providers that were handling very sensitive data had really few security measures.
According to the study, most organisations were engaged in using the cloud to host applications or their infrastructure and compromising security over the cloud would affect these two platforms directly and severely.
The research urged organisations to spend time assessing the security risk involved in moving assets to the cloud. and recommended the use of Secure Sockets Layer to secure cloud computing, but this technology was still under the radar for practical use.
Dr Zia said we were yet to see a practical security measure for cloud computing to be a safer platform and he would not recommend Australian organisations use overseas cloud providers.