As the U.S. government faces increasing concerns over the security of its data stored in cloud computing systems, Amazon, Google, and Microsoft are taking steps to address these concerns. After a recent theft of emails from top U.S. officials, cybersecurity experts have commented that the data stored in the cloud systems of these major companies remains more secure than that stored on government-owned machines. However, federal officials and legislators are demanding that the cloud giants do more to enhance security.
Microsoft has particularly faced scrutiny after an espionage operation attributed to the Chinese government gave hackers access to the email accounts of Commerce Secretary Gina Raimondo and State Department officials. The attackers were able to steal digital tools from Microsoft’s own corporate networks, enabling them to pose as large customer organizations and gain access to employee inboxes. In response to these incidents, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has tasked its review board with investigating the breach.
The big three cloud computing companies are now working to demonstrate their security efforts and distinguish themselves from competitors. For example, Amazon recently showcased its techniques to The Washington Post, including the ability to send takedown requests to servers hosting malicious programs within an hour, without human involvement. Amazon also sets up “honey pots,” virtual servers that imitate programs under attack, to attract hackers and gather information.
Microsoft, on the other hand, uses extensive machine learning and modeling to identify threats and offers enhanced protection for an additional fee. Meanwhile, Google focuses on proactively scanning the internet for leaked credentials that pose a risk to organizations’ security. Each company brings unique capabilities and visibility to the table, making collaboration and information sharing essential.
According to cybersecurity experts, while the efforts of these large cloud providers are commendable, their data on attacks is limited to their own customers. However, their techniques remain effective, and their proactive approach to security helps to protect customers and the broader community. Moving forward, it is crucial for these companies to continue investing in security measures and collaborating with government agencies to ensure the safety of data stored in the cloud.