Companies considering moving to the cloud sometimes are cautioned that heightened data security risks pose a potential drawback to cloud computing. And it is certainly correct that before making a decision about whether and how to adopt cloud-based computing, companies should carefully consider the security practices of potential cloud service providers or build security into their internally-developed cloud system. However, a recent announcement from Diebold that it is developing cloud-based automatic teller machines (ATMs) provides a reminder that local-based computing and storage can pose its own security risks, which sometimes may outweigh those in the cloud.
Diebold is developing ATMs that will both store data remotely and run software from the cloud. Diebold describes the system they are developing as “virtualized” ATMs, and their CTO stated that they believe that no other ATM manufacturer has yet deployed fully cloud-based ATMs. Despite physical and software security measures, ATMs are unusually vulnerable both because they are by necessity publicly accessible and because the data the financial data they process is especially valuable for fraud and identity theft. Of course, ATMs also store money, and as InformationWeek reports, thieves in some countries have stolen entire ATMs, raising the risk that they will access not only the cash contained in the device but also any locally-stored data.
Given the unusual risks, it is perhaps not surprising that Diebold is developing cloud-based ATMs. In particular, Diebold’s move highlights the risks involved in local computing and storage where the storing computers are readily accessible or contain especially valuable data. Companies facing such circumstances or others that render local storage risky may contemplate a shift toward cloud computing, but in doing so should be sure to account for security in choosing a cloud service provider or developing their own cloud systems, in order to avoid simply replacing old risks with new ones.