Cloud computing better protects data, Verizon says

As more federal workers rely on tablet computers and other mobile devices for tasks ranging from transmitting patient records on the battlefield to photographing safety violations at meatpacking plants, the number of data breaches might drop -- if users type in the cloud, Verizon officials said Wednesday.

"As the tablets become more integrated into the network -- the data, the sensitive data is not there to get," said Bernard McMonagle, associate director for Verizon Wireless, referring in an interview to the fact that video, images and files are not stored on a hard drive or memory card.

The cloud is a catchall phrase for off-site data servers, storage facilities and applications that workers access through an Internet connection on a subscription basis rather than using their own physical hardware or software. On Oct. 19, General Services Administration officials announced that Verizon, Amazon and nine other companies had won slots on a $76 million contract to provide federal agencies with remote access to cloud information technology. The Obama administration is urging departments to transition to cloud computing as a way to lower costs and boost productivity.

Many cloud services providers, including Verizon, offer private network connections that also prevent intruders from accessing the data through the Web, Verizon officials told reporters. "We can take that content and put it into our private [network address] so that it stays away from the Internet," said Ken Biery, Verizon's cloud security strategist.

Verizon also allows users to send encrypted files that can't be hacked during transmission and to lock their gadgets using fingerprint scanners. "You can monitor how many times someone attempted to get into the network," McMonagle added. "If data all of the sudden goes off the charts, we'll catch that in the billing system."

Despite such precautions, the major remaining security threats are internal: employees who forget to lock their computers and then leave them unattended, as well as federal offices that either don't regularly inventory their devices or that improperly encrypt smart phones before distributing them to employees. "Some will tell you the insider threat is the bigger problem" -- not the hacker, Biery said.