Megaupload: Lessons Learned in Cloud Computing Risks

By Jennifer Dennard
11:53 AM

My ears perked up earlier this week when the radio show Marketplace ran a piece entitled “Megaupload Case Exposes Cloud Computing Risks.” I had read rumblings of the imminent shutdown of the file-sharing site, and sure enough, the Justice Department shut it down earlier this month for alleged copyright violation. (What with all the negative consumer reaction to the proposed SOPA/PIPA legislation, I wouldn’t be surprised if the government was flexing a bit of legal muscle in the face of such opposition.)

The Marketplace report went on to explain that “A lawyer for Megaupload says at least 50 million customers are in danger of having their data erased completely, and that's raising questions about the reliability of the fast-growing industry known as cloud computing.”

The healthcare industry has long questioned the reliability and security of cloud computing. It’s interesting to see such a consumer-focused microscope placed on a buzzword that has been bandied about with increasing frequency in the healthcare field. As Don Fluckinger wrote in a recent article:

“In 2010, the general feeling of many health care practitioners -- and the IT folks serving them -- toward cloud computing services was, ‘over my dead body.’ In 2011, some practitioners embraced the cloud. This year, cloud data migration will no doubt be a vendor chant at the Health Information and Management System Society's HIMSS 2012 conference. Attendees, too, might make it a serious topic of discussion.”

I wonder, though, if the trials and tribulations of consumer-friendly cloud services like Megaupload, Google and Amazon will have HIMSS12 attendees talking more about the risks of cloud computing than the benefits. We could dig deeper, and talk public versus private cloud, but I think the issue is the same: Choose your cloud carefully and set controls appropriately. One would assume that big names like Google and Amazon bring with them an unspoken guarantee that your data will be safe, secure and always THERE no matter what. But even the big guys have had their share of problems - legal, technical or otherwise.

I reached out to Mariano Maluf, CTO at Atlanta-based GNAX, which provides cloud hosting services and cloud computing services to a number of area hospitals, to gauge his reaction:

“While Megaupload’s recent shutdown certainly caught people’s attention in regards to leveraging the ‘cloud’ for data storage, the reality is that this particular service was taken down for specific reasons, mostly related to the copyright domain. There are still many other similar services being used for online file sharing. I think it’s critical to recognize a demarcation line between these offerings (typically oriented to serve personal file storage needs) and what an enterprise-grade, business-oriented cloud solution really is.
“Healthcare organizations can and should pursue a progressive cloud strategy, one that allows them to incrementally offload some infrastructure-related components, as well as ancillary applications. Working with a cloud provider that understands healthcare and can provide the necessary data center security and compliance mechanisms, can ensure that benefits can be realized quickly with minimal disruption. From this standpoint, they should not have to worry about losing critical data, provided they have put the appropriate controls and SLAs in collaboration with their selected provider.
“What organizations should also learn from this event, albeit from a different perspective, is that - as recent surveys show - a high percentage of employees use online file sharing services for various purposes, so it’s very important to ensure that internal controls prevent users from uploading critical, sensitive data into these services. Secure cloud storage solutions should be leveraged instead, as part of a more comprehensive cloud strategy.”

Jennifer Dennard is Social Marketing Director for Atlanta-based Billian's HealthDATA, Porter Research and Connect with her on Twitter @SmyrnaGirl.