Remote Working - The Cloud is the Answer But is it Secure?

Right, put your pens downs, stop typing, hang up the phone, get off the jargon merry-go-round and take a deep breath.

Are you calm now? Good.

Now – if you’re in any way related to the IT world, (which I guess you will be reading this), then you’ll know how much the industry loves a new buzz word, a new craze, something, anything to follow! Any Monty Python fan will have seen the behaviour in the ‘Holy Gourd of Jerusalem’ scene…. Look it up.

Cloud Computing is the living embodiment of the latest vacuous piece of jargon that’s been doing the rounds all year. And yes, with a gun to my head, I’ll say that Esselar ‘does cloud computing’. The problem is that the phrase doesn’t really mean anything. Another problem is that people think its new technology and are therefore concerned about the longevity of the fad.

Under the hood of cloud computing, there’s nothing really new. It’s mainly traditional IT services packaged and sold in a new way. Nothing to worry about. This is a natural evolution. The main benefits being that you don’t need to buy the old IT ‘box’ anymore. It’s all hosted in secure data centres in the Internet.

So how does this all benefit us nomads? Can it keep us working? Is it secure?

There are various ways that cloud systems keep us working and I’m sure many of us are already using them. Hosted VPNs, for example, can get us connected to the applications and data we need from anywhere in the world with all the usual benefits of resilience, scalability and manageability at a price that’s fair. But more of an interest to us as users, especially considering all of the recent articles, reviews and blogs pointing to security issues within ‘cloud computing’ is, “are we secure?”

As with most systems, the weak link is the user themselves. If you know the name of someone’s pet, their child’s name or the name of their other half you’re very likely to be able to crack their password in no time. And it does happen, but if lists of static passwords are stolen, they could be valid for years.

Not only that but many users (none of us obviously…) use the same password for several portals/sites/networks. And for those of us using multiple complex passwords, would you be able to do this without that note on your phone or sticky label in the drawer?

So what is the answer?

Bear with me on this one as it’s something that until now has been the reserve of global organisations with thousands of users… With the evolution of cloud computing, two-factor authentication (2FA) solutions have now become viable for businesses of all sizes.

For those of us that aren’t too sure what 2FA is, it’s basically using the combination of something you know along with something you have as a means of securely accessing private systems. Think of the chip on your bank card and your pin number. But in this case, as well as your pin, you also use a one-time passcode that is generated from one of a variety of ‘authenticators.’ This can be in the form of a physical token on a keyring, an SMS message sent to your phone, a BlackBerry application or through an application installed on your desktop or laptop. The back-end servers that validate these passcodes are all now hosted in the Internet.

All of a sudden you can work remotely in complete security. So what’s changed? Because it’s all hosted you no longer have to worry about the ‘boxes’ being in your network. Let someone else worry about maintaining, patching, and upgrading them.

So my advice would be to embrace remote working through the cloud and hosted IT as we have been doing, but if you’re going to look into it make sure you consider your security and don’t take the unnecessary risk.

And remember that cloud computing is about more than SaaS and hosted applications; it’s full of often unconsidered services.