En los últimos años ha habido un aumento significativo de ataques cibernéticos contra la economía digital, a veces muy sofisticados, perpetrados por “hackers” cada vez más cualificados. Dado que hoy en día, la mayoría de los procesos económicos son digitales, la inseguridad adquiere un peso cada vez mayor sobre la economía: Read more
Cada vez que repaso periódicamente los desafíos a los que se enfrentan las empresas en materia de Ciberseguridad noto una sensación de déjá-vu que me inquieta, siento que las amenazas persisten y los desafíos se mantienen. Y un desafío que se mantiene por mucho tiempo constituye una inquietud constante. ¿Qué ha hecho la industria por eliminar esta inquietud? ¿Cómo podemos acceder a una tecnología cada vez más fascinante, útil y poderosa sin que la seguridad sea una de las virtudes que la hagan confiable? En Sogeti hemos publicado junto a IBM el libro “Staying ahead in the cybersecurity game. What matters now” donde se hace una exposición de desafíos en la ciberseguridad que sigue incidiendo en los retos a afrontar, pero ofrece un cambio sustancial en el enfoque tradicional para afrontar estos desafíos.
Last Thursday, 12th June, Sogeti and IBM launched their latest book: Staying ahead in the Cyber Security Game.
- Hey guys! Let’s go store all of our data in the Cloud!
- Alice: “No! It is too risky”
- Bob: “No! I do not want to pay to host my data!”
- Carol: “I am not sure … remind me, where is ‘the cloud’?”
This is the typical lack of understanding around the Cloud: security, price, property.
In terms of physical security of data, Cloud hosting is, for sure, the safest solution for keeping our data alive. Storing our files on our personal laptop or doing private backups does not protect you against fires, short-circuits, burglary, earthquake, children’s games, your mother-in-law… Basically, if you think it’s safer to put your money to the bank than in your sockets, your should feel safer to put your data in the Cloud rather than on an isolated and vulnerable hard disk.
Recent events, like the suggested man in the middle of the NSA in Google datacenter or this huge fishing operation on the first telecommuncation French operator, could make you wary of putting your data into the Cloud.
Attacks in the Cloud are like airplane crashes; when they happen there are many victims, but it remains statistically the safest way to transport.
Did you ever think to choose a freshly relaxed prisoner as babysitter? No, I do not think so. So, also, you should choose your cloud solution according to the reputation of the hosting company.
If someone wants to access your data, it is easier for him to rob your house than to hack your Cloud account. Protect and maintain the confidentiality of your password the same as the telephone you use to call your paramour, and your data will be safe.
Maybe you do not understand what your are paying for when you subscribe to a Cloud solution, but it is the same as paying an insurance for your car or an internet connection. In your subscription, you pay for high accessibility, high availability, and backups of your data– three things you cannot have without a cloud solution.
The cloud is based on trust with its host / provider. People are afraid because they think the hosts will watch and resell their data. They are right. But banks also use your money, and the question is: what do they do with your money, and can they guarantee that your money will not go away?
It goes without saying that the Cloud is infinitely safer, cheaper and more effective than any existing storage solutions. But at a certain level of confidentiality, we can not afford to entrust all its data to a company, as benevolent as it is. That is why a good compromise would be to move towards new Hybrid Cloud solutions to ensure the grip on your data and to prevent burglary.
Anyway, whether you agree or not, the Cloud is a logical consequence of globalization and free trade. Then brush your teeth and smile: you are already in the Cloud!
Tristan Zwingelstein is a software developer. He is particularly attracted by open sources technologies even if he began his career as a web developer on Microsoft technologies. Then he became owner for maintenance and development of web sites and applications at a web hosting and internet provider company (specialized in open source technologies as Linux/Php/Java JEE). In 2013, he joined Sogeti as a consultant.
The current cryptographic protocols like RSA which are used in multiple use cases are highly secured, but not perfectly secured. The security level of such a system relies on one key remaining secret, and its secrecy depends on the length of the key itself, in order to be quite impossible to discover by today’s computing systems. But it is a question of time: as the power of the computer increases, the length of cryptographic keys will increase. Read more
More and more devices are (or will be in the near future) connected to other devices or to Information systems (IS) which manage or monitor these devices. This trend calls for new approaches and reinforcement of security and testing procedures in order to protect both side: the device itself with people who use it and the IS which monitor/manage the device.
Quite recently (last month and last year), different examples show that investments must be made in this area. Read more