This month, the National Institute of Standard and Technology (NIST) released a report which identified 65 different forensic science challenges to cloud. They are hoping to complete a draft of how these challenges can be surmounted in the future.
The report was written after gathering research and data from NIST’s Cloud Computing Forensic Science Working Group, and as a whole, it indicates that there is a lot of work to be done. Although there are not an insurmountable number of challenges, it does represent a significant hurtle that needs to be jumped in order for cloud technology to effectively move forward.
Over the past decade, cloud computing solutions’ popularity has grown in leaps and bounds as many businesses both small and large have begun to recognize the benefits of having more flexibility when it comes to storage, software access and on-demand logistics. Also alluring has been the falling price of cloud technology — it is now often cheaper than hardware installation, and promises additional long-term savings.
However, having data flowing so freely all over the place presents security concerns, as well. “Here (in cloud hosting services) you have data that you may not even be sure where it is at any point in time, explains Martin Herman, who is the current senior adviser for forensics and IT at NIST.
NIST says that cloud hosting’s expansiveness can sometimes make it difficult for investigators and others to solve digital crimes, citing numerous challenges with accessing the original data and determining where, even, that it can be found. Because everything is remotely accessed, it’s not like in the past where law enforcement could physically take charge of any suspicious hardware.
NIST’s research isn’t done. The current report is a draft, and a final report will be issued after allowing for a two-month comment period. The group will then take the final report and analyze the issues in order to prioritize them and figure out a “roadmap” of how to move forward. They will evaluate each challenge based on how difficult it will be for law enforcement, consumers, and government regulators to overcome them.
What concerns do you think cloud solution providers should have? Let us know in the comments. See more.