CLOUD SOLUTIONS
A walk in the Clouds Securing your Cloud Experience
The benefits of cloud computing are resounding, but businesses are still wary of the security implications. How are you assured that your data is as safe on the cloud as it is in your own network? What are the security pros and cons of utilising the cloud? And what steps should you be making to ensure your cloud experiences are not only beneficial to your users, but are secure for your business.
What you will learn
In this article you will learn about the security areas to consider when adopting cloud solutions and some of the questions to ensure you ask.
S
ecurity is one of the most important factors for companies who want to store data and operate using the cloud and it continues to be highlighted as the greatest concern in end user studies. Implementing and utilizing a cloud solution brings great potential benefits, but also introduces challenges around securing content and access control. The cloud offers the promise of large potential savings in infrastructure costs and improved business agility, but concerns about security are a major barrier to implementing cloud initiatives for many organizations. Before transitioning to the cloud, you need to figure out how to implement and enforce an effective security program. Cloud security refers to the computer, network and information security of cloud computing providers and incorporates data protection, infrastructure and governance issues. Security concerns surrounding cloud computing are generally considered to be security and privacy (of the information stored), compliance (with legislation and user company policy) and legal/contractual issues. In end user survey, after survey, the top 2 issues that surface to the top are security (data being the typical lead in this) and reliability 05/2012(7)
What you should know
This article is aimed at those with a fundamental understanding of cloud and security concepts, but is written to be informative for anyone in an IT or business role who is concerned or has read about cloud security issues.
(being availability and accessibility). A good reference point for this being the Cloud Industry Forums 2011 Cloud Adoption and Trends Survey where 64% cited Security as their most significant cloud concern. Another study, carried out by network performance monitoring company Network Instruments, added confirmation that the top cloud challenge is the security of corporate data, with 45% of respondents surveyed reporting it as their key concern. As with other major technology transitions, cloud computing has gained widespread attention and scrutiny in the media. We have seen stories abound around cloud, SaaS (Software as a Service), PaaS (Platform as a Service), etc, both in the consumer (eg. iCloud) and business worlds. Many of the stories have scare mongered, seeing cloud as a pure risk and citing exposures such as Sony and Blackberry as examples of security and reliability in the cloud, of which you could hardly fail to notice. Sony is a good case in point, where the press reported in April 2011 “Two of Sony’s online gaming services, were hacked, compromising confidential data of more than 100 million customers.� under banner headings of being a cloud failure! This
Page 6
http://pentestmag.com