An increasing number of experts are voicing their opinions that a thorough investigation and full preparation for security threats are needed when changing existing IT infrastructure into a cloud environment. Recently, the government and businesses are exploring the idea of converting their systems into cloud computing systems, since it is possible to reduce IT operating costs. It is also possible to access insider information in a more convenient manner. However, experts are pointing out that cloud computing's response to much bigger security threats is mediocre.
According to industry sources and experts on Sept. 3, growing interest in cloud computing may lead to large-scale security threats without due consideration for cloud security. This has been illustrated recently by the recent hacking incident of Apple's iCloud.
Apple officially announced that its iCloud has never been hacked, but industry analysts are saying that it is not important whether or not iCloud was really hacked. Rather, the incident has awakened people to the vulnerability of cloud platforms to hacking.
Park Choon-sik, head of the cloud computing research center at Seoul Women's University, remarked, “It may be an overstatement to say that a cloud environment is more vulnerable to a security breach. However, local companies do not heavily invest in security. They tend to regard security as a small thing to do last when building a cloud environment.” He stressed, “The cloud is a place where information is concentrated, and hackers are bound to eye that kind of place. Due to security threats of the cloud, a stronger security system should be constructed.”
Currently, large-scale cloud projects are under way in the nation, including the construction of a cloud environment for corporations and a government-wide cloud project. When it comes time for the government-wide cloud project to establish the Information Strategic Planning (ISP), concerns about security threats lead the government to push forward with a plan to include heavy discussions on the construction of a security system in its ISP.