71
services. Facebook, Twitter, Google Yahoo and LinkedIn can be cited as the
main examples. Facebook and Twitter almost always range among the top
three.
Banks, mobile telephone providers or government agencies would be more
likely candidates for B2B authentication systems given the confidentiality
issues. And yet, Facebook has grown to become the leading provider of
authentication systems (Facebook: 39% market share followed by Google
with 19%, source:
Gigya
, 14
July 2012). In the first year of Facebook Connect
alone, Facebook had signed up 80,000 websites and continues to sign up
about 100,000 website a year. Social networks have become the dominant
public authentication providers and it is something we simply cannot ignore.
So what do BYOD and social networks mean for Cloud computing? Assuming
that the proliferation of mobile consumer devices will promote the growth
of Hybrid Clouds, it will likewise be necessary to use authentication
providers that support authentication across the widest range of different
platforms, both Public and Private. That is exactly what the social networks
are pushing for.
If we follow this logic, we also see a change in the need for information
security.
Neither social networks nor Public Clouds can be swayed by enterprise
security measures. Security in the sense of conventional border defences is
only effective to a limited degree. That makes it increasingly important to
protect enterprise value whilst being able to react effectively to security
incidents in Cloud environments once they are detected. In the end, the
data, whether stored on mobile consumer devices, social networks or in a
Cloud, are owned by company management, who are therefore responsible
for the data.
This results in three main aspects, which are dealt with below:
1.
Prevention of security incidents through risk‐oriented measures
2.
Detection of security incidents
3.
Effective incident reaction