Expert Advice for Business Owners – Gilberto J. Perera on Cloud Safety



2010 January, 6th
Mihaela Lica
Mihaela Lica
feature photo

For many entrepreneurs the idea of business in the cloud is a modern alternative to traditional business. Many corporations create “private clouds” with significant benefits, like removing the IT maintenance burden and delivering innovation to their end users much more rapidly. Naturally, there are a few drawbacks to cloud computing. We asked Gilberto Perera winner of Microsoft® Most Valuable Professional (MVP) Award, author of Windows 7 Basics – How-to Guides for the Rest of Us™, a few questions about safety in the cloud.

Everything PR: No business is immune to DDoS attacks, hackers and malware. So is it “safe” for a business to use the cloud?

Gilberto J. Perera: The word safe by its nature implies the absence of danger or harm. Instead of thinking safety in the cloud, I’d like to think of the cloud as having levels of vulnerability defined as the capacity to be wounded. There are services in the cloud that are more vulnerable than others, and as such everyday users and businesses need to make sure that they are aware of the level of vulnerability with any service they choose.

As the idea of the cloud continues to grow and more and more services begin to decentralize their repositories of information there is no doubt that there will be an increase in the occurrence of security breaches, stolen information, and defacement of services on the cloud. It’s the nature of the beast. As with any business that relies on an outsourced service provider, precautions should be made in the event that there is a breach or that the service is unavailable due to a DDoS attack.

The cloud offers many advantages over traditional centralization of data and services. I think that accessibility and decreased maintenance costs trump the minimal risk associated with the increased vulnerability of cloud services. The improvements in productivity and reductions in cost would suffice to take the added ‘calculated’ risk.

Everything PR: What types of security issues could be faced by a company online and how could these be avoided?

Gilberto J. Perera: Online retailers, Facebook, Google, Digg, Twitter, and blog owners all reside in the cloud as such they are prone to a plethora of security issues, some which are covered below;

  • Patch/Update Management – Most companies use some sort of Content Management System to maintain their websites and the services they provide. If updates are released to address issues that have been discovered and the online company is slow to follow-up on the patch, they have just become vulnerable to the issue. Issues like these can be mitigated with a good update system that stresses urgency of security issues.
  • 3rd Party Services/Outsourcing – Websites like Twitter and Facebook allow for a lot of 3rd party integration of their services. If mismanaged this can become a security nightmare and could spell a PR disaster for the company allowing the third party integration.
  • Adequate End User Training – Without adequate training end users that rely on the services provided would lack the awareness to understand how using a public computer could compromise their company’s security or how storing sensitive information in an unsecured online service can lead to an information breach. These are all issues that end user training can help address.

Everything PR: Is there anything users can do to mitigate the loss and dissemination of their personal information online?

Gilberto J. Perera: Absolutely, and I can summarize it in two words, increase awareness. I wrote an article a couple of months ago on securing your privacy online which received very good feedback from the online community. Tips ranged from using tiered passwords to using complex passwords. You would be surprised at the number of people who use passwords like sparky or something similar and don’t realize that said passwords can be broken in seconds, not to mention the information about you that is available online that would help would be hackers guess your passwords.

Aside from ensuring that personal information is secure online, users should also use common sense and limit the amount of personal information that is posted online. You would not believe the amount of information people post on websites like Facebook and MySpace. If you limit the amount of information, naturally there is less information that can be disseminated online.

Everything PR: Are there online privacy watchdogs that users should be aware to help report and or find out about websites and/or services that cannot be trusted?

Gilberto J. Perera: There are several websites and browser add-ons that can help web users identify websites that cannot be trusted. I will name a few that I have personally used.

Everything PR: What single tip would you recommend for all web users to follow?

Gilberto J. Perera:Read and learn as much as you can about security so that you can understand the different threats that exist which in turn will help you make the right decision when presented with a threat.

About the Author

author photo

Mihaela Lica is senior partner at Pamil Visions PR and editor at Everything PR. She is a widely cited authority on search engine optimization and public relations issues (BBC News, Force for Good, Reuters and others), with an experience of over 8 years in online PR. Mihaela writes occasionally for SitePoint, Search Engine Journal, and other online publications. Follow Mig on Twitter or send her an email at mig [at] pamil-visions [dot] com.

See All Posts by This Author

There Are 2 Responses So Far. »

  1. Comment by Y. Caceres on 8 January 2010:

    Great interview, very intersting!

  2. Comment by Cristina Rodriguez-Roig on 14 January 2010:

    Very informative. I especially appreciate the section on how to identify websites that are not trustworthy. I will be using the recommended sites!! Thanks allot!!