In the wake of the Capital One breach, can CUs trust ‘the cloud’?

Businesses today have little choice but to use the public cloud. But they must do so within thoughtful IT governance parameters.

By now everyone has read about the security breach involving Capital One that affected more than 100 million customers. The thing that made this breach stand out from all the others in the news is that the hacker accused of breaking in was a former Amazon employee that worked on Amazon Web Services—the cloud service storing the Capital One data when it was compromised.

Whether or not the hacker was granted access to the data because of her position at Amazon, as some theories have suggested, is somewhat irrelevant. Rather, the deeply relevant follow-up question to this breach that everyone using cloud services should be asking is: “Can I trust ‘the cloud’?”

The answer is “you have to today.” But you shouldn’t do so blindly.

The reality is that virtually all of today’s organizations already live in the cloud—oftentimes, many clouds. The benefits offered by the cloud are so great that no company can survive in today’s competitive business environment without leveraging this powerful tool.

 

continue reading »