First, clouds are considered vulnerable due to unscrupulous acquisition of intellectual property and loss of crucial data. A cloud is used by several organizations to store sensitive data. An estimated 21 percent of all cloud-based file sharing systems are deemed to contain sensitive information. In some instances, the crucial data in the clouds comprise of materials that have been marked as intellectual property (Gupta, 2013). Hence, the sensitive data can be easily accessed by cyber criminals in the event that the cloud service is breached by users. In addition, a number of services may pose serious risks when intellectual property rules and regulations are not honored.
Second, poor regulatory actions and compliance violations may potentially make clouds vulnerable in organizations. It is obvious that regulatory control of company data is a common practice by most organizations today. In other words, organizations should understand where their sensitive data are stored (Subashini & Kavitha, 2011). Other aspects that must be clearly known include how a company’s information is being safeguarded and individuals who can access the same data. However, these tenets are often violated. As a result, several companies find themselves in non-compliance states. Such violations can culminate into gross security repercussions.
Moreover, organizations are highly likely to lose control of cloud-based users who eventually consume the stored data. In most cases, organizations do not have any track record of those utilizing their data and hence, the unregulated end user actions may also pose unknown threats. Other vulnerabilities of clouds include malware infections and contractual breaches.
Providers of cloud-based services offer a number of unique services that have never been experienced in conventional computing (Whitman & Mattord, 2011). For instance, on-demand self-service is a distinct concept offered by cloud providers. No human interaction is required for a consumer to interact with the system. Network storage and server time can be accessed by a consumer without necessarily requiring the services of a second or third party since the system is fully automated. Unlike traditional computing platform, cloud-based system offers a broad access to network.
Client platforms that are either thick or thin can also be used alongside standard mechanisms to enhance strong network capabilities (Eastton & Taylor, 2011). Furthermore, cloud providers can manage resource pooling whereby a multi-tenant model may be used to serve multiple consumers. Better still, cloud-based systems are known to offer rapid elasticity.
Nonetheless, cyber security is challenged when offering these services largely due to poor control of end users of information stored in the clouds. For example, cloud providers can hardly be in a position to control who access and share stored files. Hence, the swift and efficient cloud services also accelerate the pace at which cyber criminals execute their activities.
Copyright owners are negatively affected by some of the activities that take place in the clouds. Software copies are randomly uploaded, shared and downloaded by cloud users. While the latter are the expected activities that take place in the clouds, owners’ copyright rights are usually violated since most users do not seek permission. In an ideal case, the permission to upload, share and download software products should be granted by the copyrighted owners.
However, it rarely happens. Violating access limitations jeopardize the authenticity of cloud providers who are at the same time required to safeguard or protect copyrighted materials (Determann, 2014). Due to such challenges, novel technologies are being deployed by cloud providers. Apart from just avoiding copyright infringement, these technologies are geared towards developing different models of copyrighted materials. Hence, cloud providers have been compelled to step up their skills and technologies in order to remain relevant in the market.
References
Determann, L. (2014). What happens in the cloud: Software as a service and copyrights. Berkeley Technology Law Journal, 29(2), 1095-1130.
Eastton, C., & Taylor, J. (2011). Computer Crime, Investigation, and the Law. Boston, MA: Course Technology.
Gupta, P. (2013). The usage and adoption of cloud computing by small and medium businesses. International Journal of Information Management, 5(33), 861–874. Subashini, S., & Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications, 34 (1), 1-11.
Whitman, M. E., & Mattord, H. (2011). Reading & Cases in Information Security: Law & Ethics. Boston, MA: Cengage Learning.