Manufacturing News

Cloud Risks- 3 ways your COTS Software is a sitting duck

‘Cloud’ technology hit the headlines recently for all the wrong reasons, after private photos and videos of celebrities were leaked online during an iCloud security hack.

This brought forward a plethora of concerns about the security of cloud platforms- especially in the business world where security is detrimental to the protection of sensitive data and daily operations.

With the manufacturing environment becoming more complex and dependent on network infrastructure, commercial off-the-shelf (COTS) software- (particularly security software) becomes a less viable mode of protection. Here’s why:

It is a blanket approach to your problems

COTS software does not take into consideration the applications technical environment or operating procedures, and therefore generally does not address instance-specific features of the operating environment. US department of Homeland Security says-

“The developer of the COTS code does not know where and how you are going to use it, how you are going to control access, how you will configure the operating system, or anything else specific about your IT operation. So the code will likely lack the specific features necessary to take advantage of your security infrastructure.”

COTS Software is too ‘accessible’

With many COTS software’s available online, or in a version that is less expensive to yours, system attackers have a means to explore and test against security weak points.

This information is typically shared among the ‘black hat’ (hacker) community; detailing vulnerabilities and information on viable attack patterns, thus making it easier for your systems to be jeopardised.

It is an attractive point of attack

Major COTS software brands manage important information and connect to more systems. They are therefore more ‘valuable’ to attackers by way of ‘notoriety’ or data.

For a specialist ‘hacker’, discovering how to break a COTS package is far more attractive than breaking a custom piece of code.

Cloud Safety

Moving your network infrastructure onto a cloud based system has many benefits. However, ill-management of its security and failure to back-up or eliminate areas of single-point failure can potentially bring down your entire operation.

You can minimise risk by employing a hybrid cloud solution. A system which allows you to manage some resources in-house, such as the storage of customer data, whilst storing other less-sensitive information externally, on a public cloud service.

By doing this, you can benefit from the scalability and cost-effectiveness that a public cloud computing environment offers, without exposing critical applications.

This free white paper from Secure Agility looks at the future of Australia’s manufacturing industry in relation to the shift to cloud computing, the implications this may have on production, and what changes you can make to current network infrastucture to future proof your business, improve efficiencies, and reduce downtime.

Leave a Reply

Send this to a friend