Fundamental Elements Of Cloud Computing Security

Fundamental Elements Of Cloud Computing Security

Cloud security or cloud computing security evolved from information security and includes a wide set of controls, technologies, and policies used to protect the associated infrastructure, applications, and data of cloud computing. It is not related to the cloud-based security software services or commonly referred to as security-as-a-service.

Security issues related to cloud computing can either be security issues experienced by end users or security issues experienced by cloud suppliers. In general, cloud providers must make sure that what they’re offering is secure and their customers’ applications and data are also protected. The client, on the other hand, must ensure that the cloud supplier has the appropriate security implemented in order to protect his data and applications. Because of virtualization, customers of public clouds have growing concerns regarding the clouds security primarily because virtualization has changed the relationship between the hardware and the operating system. Additional concern about the virtualization software, with a tendency to be compromised, makes users wary about the capability of cloud computing to be secured.

In general, cloud computing security fall into three general categories: Contractual or Legal Issues, Compliance, and Privacy and Security. For the contractual and legal issues, end users and cloud vendors have to negotiate about liability, end-of-service, and intellectual property. They must agree about the degree of liability of each party when data has been compromised or lost. They must also agree on how the applications and data can be returned to the client when the contract isn’t renewed. Cloud providers must also take into consideration how the records are kept because there certain statutes which require electronic records to be kept in a certain way. Public institutions which are utilizing the cloud and storage must consider the laws regarding record keeping.

With regards to data and storage to the cloud, there are various rules and regulations which must be adhered to such as the Sarbanes-Oxley Act, the Health Insurance Portability and Accountability Act, and the Payment Card Industry Data Security Standard. Cloud computing vendors must be able to provide their users to adhere to such rules and regulations easily. There must also be data recovery and business continuity plans so that service can be maintained in case of emergency and/or disaster. Whatever data is lost must have an assurance that it can be recovered. The clients must be able to review such plans so that they’ll have an assurance that their information is safe with the cloud providers. Cloud computing providers must be able to provide audit trails and logs and such items must be maintained, secured properly, and accessible in case a forensic investigation takes place. The cloud data centers must be maintain in such as a way that they adhere to compliance requirements.

In terms of privacy and security, every user must have his identity management system in order to access computing and information resources. The cloud providers must be able to provide such system to their users. Aside from securing access of data through the internet, the cloud providers must be able to assure their users that the physical servers are all secured and that access to such servers and even user data are all documented. They must also ensure that users can easily access their applications and data when and where they need them. In the production environment, cloud suppliers must be able to secure applications by implementing procedures not only for packaged or outsourced application but also an application security must be implemented.

Lastly, cloud vendors must be able to secure every critical data like credit card numbers by masking and restricting access to such data. Credentials and digital identities must be secured just like any data which cloud providers produce or collect from their users cloud activities.

By Florence G. de Borja

Sorry, comments are closed for this post.

Comics

At CloudTweaks, we're plugged into the cloud, the internet of things and all that the web has to offer. From wearable technology, to mobile computing, cloud computing and big data, CloudTweaks is your source for updates and news on the most innovative technology.

Popular

Top Viral Impact

Cloud Computing Offers Key Benefits For Small, Medium Businesses

Cloud Computing Offers Key Benefits For Small, Medium Businesses

A growing number of small and medium businesses in the United States rely on as a means of deploying mission-critical software products. Prior to the advent of cloud-based products — software solutions delivered over the Internet – companies were often forced to invest in servers and other products to run software and store data. The…

Cloud Infographic: The Education Of Tomorrow

Cloud Infographic: The Education Of Tomorrow

Cloud Infographic: The Education Of Tomorrow  Online Education is a very exciting topic for many as it opens up many new doors and opportunities. We’ve touched on areas such as Massive Open Online Sources (MOOC) which provides tremendous levels of cloud based interconnectivity. We’ve taken a look into higher education,  the increased demand for online courses as well as…

The Lighter Side Of The Cloud – Holiday Photos

The Lighter Side Of The Cloud – Holiday Photos

The Lighter Side Of The Cloud – Holiday Photos Enjoy our weekly comics provided by our talented cartoonists. By David Fletcher About Latest Posts Florence Latest posts by Florence (see all) Negotiating Tips On Software-As-A-Service Contracts – August 9, 2012 How You Can Take Advantage Of The Cloud – August 7, 2012 How Can Cloud…

Cloud Infographic: Cloud Computing Growth

Cloud Infographic: Cloud Computing Growth

An excellent infographic provided by AwesomeCloud which predicts a continued high level of growth in the cloud computing industry. Potentially staggering numbers for Public Cloud IT Services of $100 Billion by 2016. Infographic Source: AwesomeCloud About Latest Posts Florence Latest posts by Florence (see all) Negotiating Tips On Software-As-A-Service Contracts – August 9, 2012 How You Can Take…

Featured Sponsors

Salesforce Service Cloud: Air Traffic Control For Your Customer

Salesforce Service Cloud: Air Traffic Control For Your Customer

Salesforce Service Cloud One of the greatest benefits of the increasingly reliable and ubiquitous state of cloud technology is the removal of business silos and the consolidation of information flow, both in-house and on the road. This is of particular importance to the many different types of professionals whose work involves customer relationship management (CRM).…

Moving From Email Into The Cloud

Moving From Email Into The Cloud

Mobile Collaboration In The Cloud Imagine that you, as a manager, are told by the powers that be that you have to find “efficiencies” within your department that will result in one million dollars of savings annually. You struggle with this. You send an email to everyone on your senior team. “Where can we save…

Sponsors

The Future Of Work: What Cloud Technology Has Allowed Us To Do Better

The Future Of Work: What Cloud Technology Has Allowed Us To Do Better

The Future of Work: What Cloud Technology Has Allowed Us to Do Better The cloud has made our working lives easier, with everything from virtually unlimited email storage to access-from-anywhere enterprise resource planning (ERP) systems. It’s no wonder the 2013 cloud computing research IDG survey revealed at least 84 percent of the companies surveyed run at…

Placement Opportunities - Find Out!

Established in 2009, CloudTweaks is recognized as one of the leading influencers in cloud computing, big data and internet of things (IoT) information. Our goal is to continue to build our growing information portal, by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

You can help continue to support our community by social sharing, sponsoring, partnering or contributing to this great educational resource.

Contact

CloudTweaks Media
Phone: 1 (212) 763-0021

Join Our Newsletter