Cloud or not cloud?

Cloud applications and the underestimated risks of web-based software deployment

Web applications are a risk factor that is too often underestimated.

Companies too often and trustingly rely on web-based provision of software to save IT costs or to outsource the responsibility of data provision and backup.

Even if the cloud is convenient to access, storing confidential data on the internet is dangerous. Too often, carelessness or security flaws are the cause of complex and dangerous hacker attacks.

In the course of industrial espionage, the fraudsters act professionally and know every weak point. Even tried and tested and supposedly secure open source technologies are repeatedly the gateway to such attacks.

Is it really advisable to load sensitive company data into the cloud and make it available on the internet as a service? Would you also stick company secrets on the next advertising pillar and cover them with a cloth that says “Please do not read the text below”? Do you think all passers-by would sincerely comply with this request?

Who is affected?

Almost daily, the media reports security-related incidents whose causes can be found in the insecure operation and development of web applications.

News about cyber-attacks, phishing attacks and the typical implementation errors are still regularly in the headlines. Attackers thereby illegally come into possession of thousands of account and user data and also misuse them. In addition, hackers can exploit flaws in web applications to spy on uninitiated end users while they are surfing the internet.

Laboratory companies are particularly at risk, as they often operate web applications beyond their own company boundaries in order to be able to integrate end customers, partners or suppliers directly into business processes via web shops and supplier portals.

Here, even the slightest carelessness in the development or integration of web applications can lead to unauthorized persons gaining access to confidential information.

Would you like to see your medical diagnosis available on the Internet? Probably not.

LABDESK, a secure solution

LABDESK has therefore chosen to leave your data security in your hands. We offer proven and secure technology based on a classic desktop application and the security proven Microsoft SQL server. We ensure that LABDESK remains and can be operated in your network.

Articles on the topic of security on the net

Angriffsvarianten

Sicherheit von Webanwendungen – Wikipedia

Maßnahmen

Sicherheit von Webanwendungen – Maßnahmenkatalog (bund.de)

Codeschmuggel in PHP

Programmiersprache: Sicherheitslücke ermöglicht Codeschmuggel in PHP | heise online

Apache Server Sicherheitslücke

Webserver: Apache-Sicherheitslücke ermöglicht Auslesen von Dateien – Golem.de

Mehr vom BDI

Kritische Schwachstelle in Apache Webserver “httpd” (bund.de)