Cyberattacks against companies and institutions, targeting sensitive data such as medical, banking or commercial information, are constantly increasing. Can the mobile mapping industry be affected? The crucial question of the confidentiality of processed scan data is becoming more than relevant, especially when it comes from military, nuclear or Seveso classified sites. Cloud servers or local processing, which system should you choose to guarantee the protection of your customers' sensitive data? Let's take about it.
In a late 2023 survey of 1,610 IT and security professionals in more than 100 countries, US security software provider Netwrix found that 64% of companies in the manufacturing sector experienced a cyberattack in the last 12 months. This sector has also been the most affected by attacks against cloud infrastructure. Of the companies that detected an attack, 85% spotted a phishing attack in the cloud, 43% experienced compromised user accounts in the cloud, and 25% experienced data theft by cyberattackers in the cloud.
Local processing solutions, such as the one adopted by Viametris with its PPiMMS software, eliminate any need to upload or download data to the cloud. This approach provides a higher level of security because the data remains confined in the local environment, eliminating any risk of compromise via remote servers manipulation. A solution particularly suitable in the context of scanned data on nuclear or military sites. Indeed, due to its extremely sensitive nature, this information must under no circumstances leave the location, either physically or virtually. In such cases, local processing ensures maximum security by keeping all data within site boundaries.
Other companies choose to favor processing in the cloud (hosting and calculation of data on remote servers), because it offers great flexibility and high computing power. But then data protection is dependent on the robustness of the security measures implemented by the cloud service provider, which can lead to a real concern regarding confidentiality. If the data is stored on servers belonging to American companies (such as AWS© or Azure©), they are subject to the right of pre-emption of the data by the American authorities.
Data preemption by the american authorities refers to the power of U.S. government agencies, such as the National Security Agency (NSA) or the Federal Bureau of Investigation (FBI), to access data stored by U.S. companies, even if those data belong to individuals or entities located outside of the United States. This stems from laws such as the USA PATRIOT Act and the Foreign Intelligence Surveillance Act (FISA), which grant US authorities broad powers to monitor communications and access data in the fight against terrorism and other threats to national security. For users and businesses located outside the United States, this means that their data stored with US service providers may be accessed, used or even deleted by US authorities.
Data processing in the cloud can also raise security and privacy concerns. Users are often required to provide an email address and password to access services, opening the door to possible spam campaigns, personal data reselling, phishing or unwanted intrusions.
Local processing, although it may require occasional license verification via internet access, avoids these problems by only involving the identification of the machine itself, without directly identifying individuals.
Another, non-negligible aspect to consider is the cost associated with each processing modality. In the cloud, users typically pay based on the volume of processed data, which can represent a significant investment over time as a company’s scanning activity grows.
Although it is necessary to invest in a powerful workstation initially to be able to process your data locally, once the necessary hardware is acquired, there are no recurring costs linked to the volume of data to be processed. This can represent real savings in the long term. Furthermore, for those most reluctant to make the initial hardware investment, it is entirely possible to rent workstations from computer equipment suppliers. This smooths out the cost and allows you to always have machines with the best possible specifications.
The choice between cloud or local processing will depend on many factors, including specific security and cost needs. While the cloud offers great flexibility and high computing power, local processing stands out for its level of security and data control. It is therefore up to each user to weigh these considerations and choose the solution that best suits their needs and requirements in terms of data confidentiality, at the risk of facing very serious consequences in the event of a leak or theft.
Infos > Netwrix survey : Hybrid security trends report
