“The cloud” – or rather “cloud computing” – is a computing concept that goes far beyond the mere use of processing power. The idea is to outsource IT infrastructures – such as data storage, processing power, and even software – to an external service provider. The administration of these data no longer takes place on local computers, but instead happens “in the cloud”. Access to this remote system is achieved via a network, e.g. over the internet.
The growing use of cloud services is an inexorable trend. Barely any new software product can get by without cloud compatibility. Manufacturers of smartphones and tablets are also jumping on the bandwagon, as the cloud meets users’ desires to be able to access all their photos, music, and other data from anywhere, at any time. If you look at it like this, part of our life does already take place in the cloud.
Viewed from an IT security perspective, many of today’s cloud offerings are lacking strong mechanisms for the protection of privacy and confidentiality. This is due to a lack of both technology and user awareness. A free game where the next level can only be unlocked when the user allows the application access to his or her entire address book is not really free – it is taking payment in the form of the user’s data. It is society’s responsibility to promote awareness of how to sensibly make use of cloud services, but this can only be achieved through cooperation between sociologists, media experts, lawyers, and computer scientists.
Michael Herfert of the Fraunhofer Institute for Secure Information Technology (SIT) answered this question.