The Lighter Side Of The Cloud – The Storage Room
The Lighter Side Of The Cloud – Data Storms
The Lighter Side Of The Cloud – Old Wearables

Fundamental Elements Of Cloud Computing Security

Fundamental Elements Of Cloud Computing Security

Cloud security or cloud computing security evolved from information security and includes a wide set of controls, technologies, and policies used to protect the associated infrastructure, applications, and data of cloud computing. It is not related to the cloud-based security software services or commonly referred to as security-as-a-service.

Security issues related to cloud computing can either be security issues experienced by end users or security issues experienced by cloud suppliers. In general, cloud providers must make sure that what they’re offering is secure and their customers’ applications and data are also protected. The client, on the other hand, must ensure that the cloud supplier has the appropriate security implemented in order to protect his data and applications. Because of virtualization, customers of public clouds have growing concerns regarding the clouds security primarily because virtualization has changed the relationship between the hardware and the operating system. Additional concern about the virtualization software, with a tendency to be compromised, makes users wary about the capability of cloud computing to be secured.

In general, cloud computing security fall into three general categories: Contractual or Legal Issues, Compliance, and Privacy and Security. For the contractual and legal issues, end users and cloud vendors have to negotiate about liability, end-of-service, and intellectual property. They must agree about the degree of liability of each party when data has been compromised or lost. They must also agree on how the applications and data can be returned to the client when the contract isn’t renewed. Cloud providers must also take into consideration how the records are kept because there certain statutes which require electronic records to be kept in a certain way. Public institutions which are utilizing the cloud and storage must consider the laws regarding record keeping.

With regards to data and storage to the cloud, there are various rules and regulations which must be adhered to such as the Sarbanes-Oxley Act, the Health Insurance Portability and Accountability Act, and the Payment Card Industry Data Security Standard. Cloud computing vendors must be able to provide their users to adhere to such rules and regulations easily. There must also be data recovery and business continuity plans so that service can be maintained in case of emergency and/or disaster. Whatever data is lost must have an assurance that it can be recovered. The clients must be able to review such plans so that they’ll have an assurance that their information is safe with the cloud providers. Cloud computing providers must be able to provide audit trails and logs and such items must be maintained, secured properly, and accessible in case a forensic investigation takes place. The cloud data centers must be maintain in such as a way that they adhere to compliance requirements.

In terms of privacy and security, every user must have his identity management system in order to access computing and information resources. The cloud providers must be able to provide such system to their users. Aside from securing access of data through the internet, the cloud providers must be able to assure their users that the physical servers are all secured and that access to such servers and even user data are all documented. They must also ensure that users can easily access their applications and data when and where they need them. In the production environment, cloud suppliers must be able to secure applications by implementing procedures not only for packaged or outsourced application but also an application security must be implemented.

Lastly, cloud vendors must be able to secure every critical data like credit card numbers by masking and restricting access to such data. Credentials and digital identities must be secured just like any data which cloud providers produce or collect from their users cloud activities.

By Florence G. de Borja

Sorry, comments are closed for this post.

Popular Archives

Wearable Tech – Will It Ever Be Fashionable?

Wearable Tech – Will It Ever Be Fashionable?

Wearable Tech – Will It Ever Be Fashionable? Wearable tech is taking over the world, and in that sense, it’s already fashionable. As we noted last week, the sector is expected to grow from $14 billion in 2014 to $70+ billion in 2024. But what about ‘high-fashion’? The catwalks and runways of London, Paris, and Milan? Can…

Cloud Infographic – Interesting Big Data Facts

Cloud Infographic – Interesting Big Data Facts

Big Data Facts You Didn’t Know The term Big Data has been buzzing around tech circles for a few years now. So much, in fact, that you’re probably getting sick of hearing about it. Here are some interesting facts you might not know about big data via The Visual Capitalist: Big Data got its start in the…

Cloud Computing Services Perfect For Your Startup

Cloud Computing Services Perfect For Your Startup

Cloud Computing Services Perfect For Your Startup Chances are if you’re working for a startup or smaller company, you don’t have a robust IT department. You’d be lucky to even have a couple IT specialists. It’s not that smaller companies are ignoring the value and importance of IT, but with limited resources, they can’t afford…

The Cloud In 2015: Eight Trends To Look For

The Cloud In 2015: Eight Trends To Look For

The Cloud In 2015 For organizations of all sizes, in 2014 the cloud emerged as a critical part of the default consideration set when implementing any new application – in large part due to the cloud’s proven ability to handle data storage and processing demands in an elastic manner, improved verifiable standards around data security and…

Why Hybrid Cloud Delivers Better Business Agility

Why Hybrid Cloud Delivers Better Business Agility

Why Hybrid Cloud Delivers Better Business Agility A CIO friend of mine once told me that a hybrid cloud model enables him to “own the base, rent the spike” when it comes to unplanned events. Let’s face it – maintaining unused infrastructure for rare or random IT events is expensive and unnecessary in a cloud…

Recent

Is The Internet of Things A Perfect Storm?

Is The Internet of Things A Perfect Storm?

Is The Internet of Things A Perfect Storm? There has been a great deal of discussion surrounding the Internet of Things over the past couple of years as more companies are taking an active and aggressive interest. IBM for example has recently decided to invest $3 Billion over the next 4 years. “Our knowledge of…

Digital Transformation: Miracle and Wonder

Digital Transformation: Miracle and Wonder

Digital Transformation These are the days of miracle and wonder. I’ve been leading a small, global research team at the Tau Institute for the past few years to examine the dynamics of IT adoption in more than 100 countries throughout the world. We’ve developed several indices that show how well these nations are doing on a relative basis. We ranked the nations…

Cloud Security Hottest Issue At RSA

Cloud Security Hottest Issue At RSA

Cloud Security Hottest Issue The integral integration of cyber security and cloud technology seemed to be the hottest issue at the busy RSA 2015 Conference in San Francisco. Interested parties packed security and cloud service booths for the duration of the conference. Several prominent publications covered the increased importance of securing their private information that’s…

Contact Us

Sending

Technology Sponsors

hp Logo CityCloud-PoweredByOpenstack-Bluesquare_logo_100x100-01
cisco_logo_100x100 vmware citrix100
Site 24x7 200px-KPMG

Established in 2009, CloudTweaks is recognized as one of the leading influencers in cloud computing, big data and internet of things (IoT) information. Our goal is to continue to build our growing information portal, by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

CloudTweaks Comic Library

Advertising