It gets worse: The company posted a message on its site saying that it wouldn't be able to rebound from the attack and would be closing its doors. A spokesperson for Amazon told CIO.com the breach had nothing to do with the AWS services and that companies must follow the AWS security precautions.
What if You Forget About Compliance and Security?
Most companies know the cloud is a secure portal. In some cases, the disaster recovery techniques and backup processes are even more rigid than an on-premises approach. According to analyst Rob Enderle, though, that's not quite the whole picture.
Enderle tells the story of two engineers at an enterprise-level pharmaceutical company who were tasked with analyzing the results of a drug trial that required an investment in hardware and software. The IT contacts told the engineers the budget would be around $100,000 and would take nine months to deploy. They decided not to wait. After finding a cloud provider and spending about $3,600 using their own credit cards, they rented the resources and finished the work. Then an executive found out.
"The engineers were terminated the following day for the massive violation of security policy," Enderle says. "There was no way to determine where the data resided after the work was done but, generally, it was believed to be in Eastern Europe."
How should your company respond to all of these horror stories? With due diligence. The experts all says cloud infrastructure is just an extension of your own data center and computing services. Somewhere, there's a server and a storage array housed in another city or another country. Research all of the variables, ask the right questions and be thorough about your strategic plan.