Is My Public Cloud Too Public? Part 5 (Conclusion)
The ideal cloud equation
Control + Visibility = Trust
A cloud deployment that overcomes these myths is built on trust. Trust cannot be achieved without control and visibility across the cloud infrastructure, identities, and information.
- Availability: Ensure access to resources and recovery following disruption or failure.
- Integrity: Guarantee that only authorized personnel can access specific information and applications.
- Confidentiality/privacy: Protect how information and personal data is obtained and used
- Compliance: Comply with specific legal requirements, and industry standards and rules.
- Governance: Establish usage rights and enforce policies, procedures, and controls.
- Risk management: Manage threats to business disruptions or derived exposures.
Cloud computing promises to change the economics of the datacenter, but before sensitive and regulated data move into the public cloud, issues regarding security standards and compatibility must be addressed, including strong authentication, delegated authorization, key management for encrypted data, data loss protection, and regulatory reporting. All these are elements of a secure identity, information and infrastructure model, and are applicable to private and public clouds as well as to IAAS, PAAS and SAAS services.
While security emerges as a major concern among the barriers to adoption of cloud computing, the key to understanding security in cloud computing is to realize that the technology is not new or untested. It represents the logical progression to outsourcing of commodity services to many of the same trusted IT providers we have already been using for years.
Having said that, cloud security is part of the inevitable progression of IT. It must be embraced by organizations if they wish to stay competitive. Companies who approach cloud computing with a mature attitude need not be afraid of entering the cloud due to security concerns. Dealing with security in the cloud is no more difficult than addressing it internally. And there are steps you can take that can make cloud security just as effective—or even more so—as your internal IT.
By Gopan Joshi
Gopan is Product Manager: Cloud Computing Services, Netmagic Solutions Pvt. Ltd. and has expertise in managing products and services in various market scenarios and life cycle stages. His experiences ranges from introducing cutting edge innovations in existing products, existing markets to new technology, new markets