The cloud at the gates of the enterprise

Summary:Recent possible security breaches at Lockheed Martin have highlighted how connected even the most security conscious enterprises have to be. You can't isolate your business from the cloud, you have to co-exist with it

Recent reports that hackers have breached the network security of US defense contractors including Lockheed Martin is a salutory reminder of the risks to enterprise information. The source of the breaches appear to have been the electronic fobs used in two-factor authentication when users log in from outside the enterprise network.

Even in such a security-conscious enterprise as Lockheed Martin, remote access from outside the firewall is a regular part of the day-to-day working routine. There's a telling quote in the Reuters report from Loren Thompson, COO of Lexington Institute and a consultant to Lockheed: "the incident underscored massive challenges faced by corporate and government computer networks in 'an age where everybody has access to ubiquitous digital communications'."

No modern enterprise can function, it seems, without allowing employees and contractors to bring the cloud to its gates. In response to the breach, Robert X Cringely, the blogger who first broke news of the breach, reports that Lockheed Martin had to:

  • Immediately disable all remote access
  • Ask those who telecommute from home "to come into nearby offices to work"
  • Ask over 100,000 network users to reset their passwords — including Pentagon staff who collaborate on projects, some sources added.

Some say that the right response to cloud threats is to completely isolate the corporate network from the cloud. But that's not realistic in today's connected world. Fact is, any enterprise network today, however private it attempts to be, cannot isolate itself from the Internet and all the threats that exist on the Web, if the business it serves is to remain competitive and effective. Productivity demands that workers be able to access corporate data from home and on the road. Effective partnering with customers and suppliers means giving their employees and systems access to certain applications and data.

'Cloud' is not just the technology, it's also the model of real-time collaboration and go-anywhere information access that we've got used to in today's hyper-connected world. You can't cut yourself off from it. Dealing with the security threats that exist in the cloud is just part of what you have to do to participate in the modern economy.

Topics: Networking, Security, Telcos

About

Since 1998, Phil Wainewright has been a thought leader in cloud computing as a blogger, analyst and consultant. He founded pioneering website ASPnews.com, and later Loosely Coupled, which covered enterprise adoption of web services and SOA. As CEO of strategic consulting group Procullux Ventures, he has developed an evaluation framework t... Full Bio

Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.