Thousands of websites and millions of pieces of private data are increasingly in one big cloud, where some of the old rules of data security are out the window.
With the rise of cloud computing companies, and the ferocity with which tech's biggest companies are snatching those firms up, it's no secret that a good chunk of our user data is already stored in the cloud. Our emails, our documents, our social network profiles and hundreds of thousands of tiny startups already rely on cloud services like SalesForce.com to be more productive and cost-effective. But one concern that remains constant is that of security. By off-loading more data to the cloud, are companies increasingly opening themselves and their users up to hacking, data loss, and privacy compromises?
What's at risk
Take the example of credit card data. Most of us don't think twice about saving account numbers and security codes into our online shopping profiles. The Payment Card Industry (or PCI) is a global information security standard established by a consortium including Visa Card, MasterCard, American Express and Discover, that places specific requirements on the operational infrastructure that handles high-risk data like credit card information. If an infrastructure doesn't conform to any and all PCI regulations, then it's not PCI compliant. And because cloud infrastructure is so vastly different than that what PCI was written for, most cloud service providers are in fact, not PCI compliant. More
|Ousted Yahoo exec gets $58 million golden parachute|
|Canadians arrest a Heartbleed hacker|
|Golden parachute for fired Yahoo executive may be record breaker|
|5 people you might not tip (but should)|
|Google stock sinks after missing Street|