more-arw search

Q&A Forum

No question that business cannot afford gaps in security, BUT, if Chrysler cannot prevent Jeep from being hacked, Twitter was hacked and Facebook was hacked, let's face it, nothing is hack proof. What would you say to this? (Webinar Attendee Question)

This question was asked by an attendee during the Proformative webinar "What's Stopping CFOs from Moving Accounting To The Cloud" held on February 20, 2013.  Please join the discussion and add your insights below.

A video of the webinar can be viewed here


Topic Expert
Donald Koscheka
Title: Principal
Company: Bluecloud Communications
(Principal, Bluecloud Communications) |

The way to ask the question is this: Is my datacenter more secure than the cloud vendor? To answer this, you could conduct an SSAE-16 audit of your datacenter and compare it to the audit results for the cloud vendor. In my experience, most datacenters are LESS secure because the average IT department does not have the resources to address all of vulnerabilities it faces - both from hackers and from lack of internal controls (most data is stolen by employees, not be hackers).

The counter-argument is this: if I'm a small business, am I more likely to be hacked than a large business? That depends on what hackers are after - if you do a lot of on-line business or are a start-up that might have tempting intellectual property, you are likely to be a target.

Topic Expert
Mike Caruana
Title: Director of Financial Services
Company: Diamond Resorts International
(Director of Financial Services, Diamond Resorts International) |

I agree with you, Donald. Most datacenters are actually less secure due to resource constraints, and focus spending on more capacity versus cyber-security.

Your counter-argument is also a valid one.

Because so much of our marketplace is comprised of small businesses, we shouldn't underestimate the 'small time' operatives that target them. They are able to (fairly easily) pirate transaction activity using ubiquitous public networks using key loggers, trackers, and the like. Masking a small company's wireless network takes more than a unique SSID with an encrypted password. We need to understand the potential false sense of security that can create, and continue educating each other on cyber security fundamentals. Not everyone already knows the basics so it's great that Proformative hosts webinars around this topic.

Greg Pierce
Title: VP, Tribridge Concerto Cloud Services
Company: Tribridge
(VP, Tribridge Concerto Cloud Services, Tribridge) |

I think you’re right – that nothing is “hack proof.” That being said, the more stringent your security policies, processes, systems and procedures are, the more likely hackers are to look somewhere else. Part of any enterprise security policy should include consequence management and risk mitigation to determine the steps you would take in the event of a breach to remediate. How you handle bad things is every bit as important as working to prevent them from happening.

Products and Companies

Get Free Membership

By signing up, you will receive emails from Proformative regarding Proformative programs, events, community news and activity. You can withdraw your consent at any time. Contact Us.

Business Exchange

Browse the Business Exchange to find information, resources and peer reviews to help you select the right solution for your business.

Learn more

Contribute to Community

If you’re interested in learning more about contributing to your Proformative community, we have many ways for you to get involved. Please email [email protected] to learn more about becoming a speaker or contributing to the blogs/Q&A Forum.