Cloud services have transformed businesses, but there’s a downside to every cloud — Kenneth Osim, Founder Nfonex Systems
In today’s digital age, the cloud has become the cornerstone of business operations, offering unparalleled opportunities for growth and efficiency. However, as organisations increasingly rely on cloud services to store and manage their data, the need for robust security measures has never been more pressing.
Within the last decade, notable global companies have experienced significant cloud security breaches:
In 2019, Capital One experienced one of the largest data breaches in history when a former employee of a cloud service provider gained unauthorised access to the company’s systems hosted on Amazon Web Services (AWS). The breach exposed the personal information of over 100 million customers, including names, addresses, credit scores, and social security numbers.
Just two years before that, Equifax, one of the largest credit reporting agencies in the United States, suffered a massive data breach that compromised the personal information of approximately 147 million consumers. The breach occurred due to a vulnerability in an open-source software component used by Equifax’s web applications, which gave hackers access to sensitive data stored in the company’s cloud-based systems.
Similar cases occurred in 2012 and 2013 respectively. Target Corporation fell victim to a cyberattack that targeted the company’s point-of-sale systems, hosted on a cloud-based network in 2013. Hackers compromised Target’s systems through a third-party vendor and stole credit and debit card information from approximately 40 million customers. The breach resulted in significant financial losses and damaged Target’s reputation.
Then in 2012, Dropbox, a popular cloud storage service, witnessed a security breach that exposed the email addresses and passwords of over 68 million users. The breach occurred when hackers accessed a Dropbox employee’s account, containing a document with user credentials. While Dropbox claimed that no user data was accessed, the incident raised concerns about the security of cloud-based storage services.
Editor`s pick — 2024: The year AI learns to paint, TVs grow huge, and quantum computers crack codes
These examples illustrate that organisations today have become heavily reliant on cloud services, thus underscoring the importance of implementing robust security measures to protect sensitive data and applications stored in the cloud. Given his decade-long professional experience in cyber security, Kenneth Osim, Founder of Nfonex Systems, explores the challenges and solutions of cloud security.
Understanding the Cloud security landscape
The allure of the cloud lies in its promise of scalability, flexibility, and cost-effectiveness. Yet, with these benefits come inherent risks, as sensitive data and applications are entrusted to third-party providers. According to recent studies, cyberattacks targeting cloud environments have increased by 300% in the past year alone, highlighting the urgent need for comprehensive security strategies.
Kenneth Eyaba Osim, CEO/Founder of Nfonex Systems, reiterates the gravity of the situation:
“Securing the cloud is no longer optional—it’s imperative for businesses of all sizes. The consequences of a data breach can be catastrophic, both financially and reputationally. Securing the cloud requires a multifaceted approach, encompassing access controls, data encryption, regular audits, and user education. By implementing these best practices and leveraging the expertise of cloud providers, organisations can fortify their defences against cyber threats and ensure the integrity of their digital assets.”
As Osim notes, across the world, regulatory agencies are stepping up their cloud regulation policies and are no longer solely depending on private organisations to bear such enormous responsibility. Furthermore, government bodies now hold private organisations more accountable through checks and balances.
“One such is Nigeria`s National Information Technology Development Agency (NITDA), which has emerged as a beacon of guidance, setting standards and promoting best practices in cloud security,” says Osim.
NITDA’s leadership in shaping cloud security policies
In Nigeria, NITDA aims to ameliorate cloud-related challenges through initiatives like the National Cloud Computing Policy (NCCP) launched in August 2019 to foster a thriving cloud market while ensuring compatibility, consumer protection, and economic growth.
Dr. Vincent Olatunji, Director-General of NITDA, explains: “Our goal is to create an ecosystem where organisations can harness the full potential of cloud technology while mitigating security risks. By working closely with industry stakeholders and enforcing regulatory frameworks, we aim to safeguard Nigeria’s digital assets and foster a secure digital ecosystem.”
Kenneth Osim concurs, noting that “The journey towards cloud adoption is fraught with obstacles, primarily centred around the security of data and applications. The intricate web of cloud environments, characterised by data residing across multiple servers and regions, renders traditional security measures inadequate. Moreover, the collaborative nature of cloud services introduces novel vulnerabilities, necessitating a tailored approach to security.”
Besides regulatory controls, however, Osim emphasises the need for more practical steps to enhance cloud security, preferably because “hackers are getting smarter, and more patient”.
This is why initiatives like NITDA’s National Cloud Computing Policy (NCCP) are lauded and seen as marking a significant milestone in Nigeria’s digital journey.
“The NCCP serves as a roadmap for embracing cloud technology, emphasising several key areas,” Osim explains. “They are ‘Building a Thriving Cloud Market’ a policy that fosters a competitive landscape for cloud service providers; ‘Compatibility and Consumer Protection’ to ensure that government entities using cloud services have the same rights as individual consumers, including clear contracts and strong data protection measures; ‘Boosting the Digital Economy’ by recognising cloud computing as a powerful engine for Nigeria’s growth and encouraging widespread cloud use among government agencies and small businesses; and ‘Security and Growth Working Together’ to prioritise data security with clear guidelines for handling sensitive information and acknowledging that security and growth must work in parallel.
These policies reflect NITDA’s commitment to leveraging cloud technology for economic growth while ensuring the highest levels of security and compliance.
As technology continues to evolve, the importance of cloud security will only intensify.
“One thing I have learned in my decade of experience is that staying vigilant and proactive in addressing emerging threats are the best methods for businesses to navigate the complexities of the cloud with confidence, knowing that their data and applications are safeguarded against potential risks,” says Kenneth Osim.
The cloud is the backbone of digital innovation in today’s interconnected world. Yet, its transformative potential can only be fully realised with robust security measures in place. Through collaboration, education, and adherence to best practices, organisations can harness the power of the cloud while safeguarding their most valuable assets. Furthermore, the guidance of organisations like NITDA will be instrumental in shaping a secure and prosperous digital future for Nigeria and beyond
Got a story worth telling? Shoot us an email with SUBJECT — “Story Worth Telling” — to [email protected].