WHAT IS CLOUD TECHNOLOGY?

There are essentially two kinds of computing environments:

On-premises computing is the traditional form of computing in which you or your company own and manage your own systems. All the applications you use, as well as your data files, are in your own computers on your own premises either on individual PCs or on an in-house local area network.

In cloud computing, by contrast, your applications and files are held remotely on the Internet (in cyberspace) in a network of servers which is operated by a third party. You access applications and work on your files from your PC simply by logging on to the network.

Cloud services are provided by cloud-hosting providers, companies such as Google, Amazon, Oracle Cloud, Rackspace, Microsoft Azure, and so on.

There is nothing fundamentally new about the concept of cloud services. If you are using Gmail, Hotmail or yahoo for your emails, you are using cloud services and probably have been for years.

What is relatively new is the types of services that are being offered in a cloud-environment. These now go far beyond email to cover all the IT services that an on-premises computing environment would deliver, such as accounting, marketing, human resources and so on.

Advantages of cloud computing

Cloud computing has several advantages over on-premises computing:

1. You can run an application or access your files from anywhere in the world using any computer.
2. Cloud computing is cheaper.
3. You need less technical knowledge.
4. Cloud computing delivers a better performance.
5. Cloud computing is eminently scalable. Increasing the number of applications you use or the amount of data you store does not require a heavy investment; you only need to advise the cloud-hosting adviser.

Given these advantages it no surprise that over the last few years there has been a widespread rapid adoption of cloud computing. Analysts estimate that the growth rate of all spending on cloud IT will soon be at least four times faster than the growth rate of all spending on on-premises computing.

Indeed, analysts are expecting the annual growth rate of spending on cloud computing to average 23.5% compound from now until 2017. In addition, by that year spending on cloud services will probably account for one-sixth of all spending on IT products, such as applications, system infrastructure software, and basic storage.

Given the rapid growth in cloud computing, the big question, of course, is whether cloud computing is safe. Is it more or less safe than on-premises computing?

The short answer is that cloud computing is not less safe than on-premises computing. However, the threats are somewhat different in nature, though they are converging.

Threats
Generally speaking, there are six major threats to computer security. These are:

1. Malware
Is malicious software such as viruses, trojans, worms, spyware and zombies. Malware is installed on either a PC in your home-office or a cloud-computing server. Where malware gives control of a network of computers to a malicious group (eg, to send spam) it is called a botnet.

2. Web app attack
Is an attack in which web-based applications are targeted. It is one of the most common forms of attack on the Internet.

3. Brute force attack
Works by trying all possible combinations of letters or numbers in order to discover a cipher or secret key. For example, you could crack a password by repeatedly trying to guess it. Modern computing power and speed makes brute force a viable form of attack.

4. Recon
Is reconnaissance activity that is used to choose victims that are both vulnerable and valuable.

5. Vulnerability scan
Is an exploit using a special program to access weaknesses in computers, systems, networks or applications in order to generate information for planning an attack.

6. App attack
Is an attack against an application or service that is not running on the web, ie the program will be on a computer somewhere.

Honeypots
A honeypot is a decoy website, network, system or application that has been intentionally designed to be vulnerable to attack. Its purpose is to gather information about attackers and how they work.

Honeypots allow researchers to:
collect data on new and emerging malware and determine trends in threats identify the sources of attacks including details of their IP addresses determine how attacks takes place and how best to counteract them determine attack signatures (pieces of code that are unique to particular pieces of malware) so that anti-virus software can recognise them develop defences against particular threats Honeypots have proved to be invaluable in erecting defences against hackers.