Reports that researchers have driven an electronic steamroller through password recovery systems on Amazon's EC2 and Microsoft's Online Office services come as no surprise, says Andy Cordial, Origin Storage's managing director.
The action happened at the Black Hat security briefings in Las Vegas drove. "Password resetting and other security mechanisms in the cloud are always going to be a weak link, as long as user-friendliness comes ahead of security in the cloud computing beauty stakes," comments Cordial.
"Expecting regular joes to whip out a two-factor authentication device for use with a cloud-driven service just isn't realistic. It's not going to happen," he adds.
According to Cordial, whose company specialises in secure storage of the bricks and mortar variety, developing a transparent security system for use in the cloud is going to be a seriously uphill task for developers.
"Even if the developers succeed in creating a viable and transparent authentication system that can be used on a notebook in a coffee shop in the real world, getting that technology to be accepted on a widespread scale is going to take time," he explains.
On the other hand, installing a user-transparent but high-security hard drive or cluster of hard drives, in an office is easy to implement. "So easy that most users need not be aware of the fact their data is being encrypted and decrypted to military standards in the background and on-the-fly," he adds. .