Cloud computing has resulted in greater agility, cost savings and efficiency for many companies and federal agencies, but also increases the vulnerability of crucial data and may threaten national security.
As the recent controversy concerning government contractor Edward Snowden has shown, data leakage not only causes financial losses to companies and federal agencies but also has implications for U.S. national security and international relations with other countries.
Cyber threats to national security conventionally arise from both external and internal sources. Domestic and international hackers relentlessly attempt to penetrate external firewalls by exploiting security holes and using bots and viruses. Motivations for these hackers vary widely: ego, financial gain, social activism, politics, religious beliefs or criminal activity.
Internal security threats are equally hazardous to companies but can be considerably reduced with appropriate security practices. To prevent employees from copying mission-critical data files onto thumb drives or DVDs, companies operating in high-security environments disable USB ports and DVD players in company-owned laptop computers.
Similarly, a growing number of federal agencies and companies provide security training for their employees, instructing them to employ practices such as the usage of hacker-resistant usernames and passwords and requiring employees to verify their identities prior to logging into servers.
Other security practices include teaching employees to avoid clicking on hyperlinks within e-mails or direct messages, decreasing the risk that employees will unwittingly admit malware into their computers and ensuring that their e-mail accounts and computers remain secure.
As cloud computing continues to evolve, the need for the protection of internal and external networks will grow exponentially for companies, federal agencies and end users. Although many security threats are predictable and preventable, federal agencies and companies need to be more diligent in protecting data stored on their networks from the everyday behavior of company employees.
Smartphones and tablets have been stolen by airport thieves during employees’ business trips, posing a significant security risk if the information spreads to identity thieves, or careless employees leave vulnerable laptop computers containing crucial information in their vehicles, easily visible to criminals searching for electronic merchandise to sell.
Even more hazardous to national security are employees with ethical beliefs that may be contrary to the best interests of their employer or country. Even though Edward Snowden possessed a security clearance and was not supposed to leak confidential information, he chose to act as a whistleblower and knowingly revealed important government data to press sources due to his personal beliefs in the necessity of protecting consumers from government intrusion.
At this time, the final results from Snowden’s actions are still being determined and only history will show how much the information he provided affects national security. In the meantime, it is in companies’ best interests to remain aware of emerging data threats, especially in regard to cloud computing, to ensure that their employees receive the highest-quality security training possible, and to utilize more in-depth employee screenings to prevent breaches.