2015 Advertising Opportunities - Find Out More!

Which Governance Framework Is Right For Cloud Computing?

Which Governance Framework Is Right For Cloud Computing?

The Threat

Cloud computing is revolutionizing how organizations use technology worldwide and for a good reason, it leverages on economies of scale more than any application of technology in recent history. And with the economic stability of the world swaying back and forth, organizations and businesses are forced to embrace that which makes them more stable and compete in a shaky market. Cloud computing allows them to do just that as it leverages their business processes with high returns and low costs. But the aggregation of data and information in a single virtual space has its own risks –it becomes a prime target for attackers and opportunists. This is more in line with the concept of data gravity. As data becomes more massive, the faster it attracts other services, application, customers, and yes even attackers. It also becomes harder to move which only assures attackers that the data they want is in the same place at any given time.

Cloud computing has received the brunt of most recent high-profile security attacks and data breaches, giving cloud computing a bad reputation of being unsecure, which now makes it a scapegoat for any failed security measure. But cloud computing can become very secure no matter the architecture or type used, but this would require a strong governance framework.

The Solution: Security Governance Framework

A governance framework is essential for any concept of technology to succeed. There are different types of governance frameworks for most concepts like how to run the organization itself, as well as the different departments in an organization, and of course a dedicated governance framework for IT. But for cloud computing, perhaps the most important governance framework would be that for security.

As with IT governance which stretches across all of its facets, from the people to the whole organization, the cloud computing security governance framework must do the same. The framework must allow the CSO and CIO to oversee and assess all risks and manage them accordingly, as well as the security and compliance of the organization’s cloud environment.

This governance framework must allow for security, compliance, and all of IT and the rest of the organization to be synergized to make the cloud secure. And therefore must do some of the following things.

1. Educate your workforce. Most security breaches and attacks stem from negligence or ignorance from the basic building block of the organization, the rank and file. Most breaches are a result of something that internal users have done or failed to do, and to prevent such things from happening again or at all, they must be made aware of the dangers of some actions and must be educated with security measures which they should always comply with.

2. Audit compliance. Use an audit tool which can view the organization’s vulnerabilities across the board. It is common for departments to be without contact with each other because they are not related whatsoever, and the solution to this is to create a framework for compliance across the organization which combines the different streams of information from different groups, giving security administrators a single overview.

3. Employ Identity and Access Management (IAM). This is one of the best ways to keep track of people who have access to sensitive data. This prevents or at least mitigates breaches and attacks from internal sources. Access management must be paired with a data logging solution which allows administrators to know who does what, when and where and that all changes are logged and audited properly.

4. Employ Security Information and Event Management (SIEM). The ideal cloud security solution should integrate the organization’s access management to secure a complete view of where the organization stands in terms of security. Security as a service is one solution that organizations may avail if they cannot provide their own.

5. Look for guidance but ensure your own security. Many organizations both government, academic, or private like the European Network and Information Security Agency (ENISA) and the Cloud Security Alliance (CSA) have published papers and guidance protocols for securing cloud environments. Organizations can consider them as guidance and must form their own way for securing their cloud based on the recommendations and incorporate their own twists into those depending on their needs.

Conclusion

A governance framework is essential for cloud computing but there shouldn’t be just one good way to do it. Since no two organizations are alike, it would make sense that no two frameworks are alike, but they would have a lot of similarities. But no matter the difference all organizations need a security governance framework for any cloud infrastructure that they may be using.

By Abdul Salam

Abdul

Abdul Salam is IT professional and an accomplished technical writer with CloudTweaks. He earned his undergraduate degree in Information Technology followed by a postgraduate degree in Business Informatics. Abdul possess over 3 years’ experience in technical & business writing with deep knowledge in Cloud Computing, VMware,Oracle, Oracle ERP, Cloud ERP, Microsoft Technologies and Network Communications (Cisco, Juniper). Visit his LinkedIn profile at: http://linkd.in/TtFu7X

Sorry, comments are closed for this post.

Comics

At CloudTweaks, we're plugged into the cloud, the internet of things and all that the web has to offer. From wearable technology, to mobile computing, cloud computing and big data, CloudTweaks is your source for updates and news on the most innovative technology.

Popular

Top Viral Impact

The Future Of Work: What Cloud Technology Has Allowed Us To Do Better

The Future Of Work: What Cloud Technology Has Allowed Us To Do Better

The Future of Work: What Cloud Technology Has Allowed Us to Do Better The cloud has made our working lives easier, with everything from virtually unlimited email storage to access-from-anywhere enterprise resource planning (ERP) systems. It’s no wonder the 2013 cloud computing research IDG survey revealed at least 84 percent of the companies surveyed run at…

Cloud Computing Adoption Continues

Cloud Computing Adoption Continues

Cloud Computing Adoption Continues Nowadays, many companies are changing their overall information technology strategies to embrace cloud computing in order to open up business opportunities.  There are numerous definitions of cloud computing. Simply speaking, the term “cloud computing” comes from network diagrams in which cloud shapes are  used to describe certain types of networks. All…

PaaS And IaaS: Rising Champions Of Cloud Computing

PaaS And IaaS: Rising Champions Of Cloud Computing

PaaS and IaaS: Rising Champions of Cloud Computing In the cloud conversation, Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) appear much less than the famed Software as a Service (SaaS). This is not surprising when you consider that a world already populated with built platforms and infrastructure has but to operate…

Cloud Infographic: Cloud Apps (A Buyers Guide)

Cloud Infographic: Cloud Apps (A Buyers Guide)

Cloud Apps (A Buyers Guide) SaaS has gained huge popularity over the last few years, with an increasing number of enterprises adopting it mainly due to the benefits like pay per use and on demand service. Cloud applications entail thorough testing for their integrity, different from that of on-premise applications. This involves testing of business…

Cloud Computing Offers Key Benefits For Small, Medium Businesses

Cloud Computing Offers Key Benefits For Small, Medium Businesses

A growing number of small and medium businesses in the United States rely on as a means of deploying mission-critical software products. Prior to the advent of cloud-based products — software solutions delivered over the Internet – companies were often forced to invest in servers and other products to run software and store data. The…

Featured Sponsors

Salesforce Service Cloud: Air Traffic Control For Your Customer

Salesforce Service Cloud: Air Traffic Control For Your Customer

Salesforce Service Cloud One of the greatest benefits of the increasingly reliable and ubiquitous state of cloud technology is the removal of business silos and the consolidation of information flow, both in-house and on the road. This is of particular importance to the many different types of professionals whose work involves customer relationship management (CRM).…

Cloud Logo Sponsors

hp Logo CityCloud-PoweredByOpenstack-Blue square_logo_100x100-01
cisco_logo_100x100 vmware citrix100

2015 Advertising Opportunities - Find Out More!

Established in 2009, CloudTweaks is recognized as one of the leading influencers in cloud computing, big data and internet of things (IoT) information. Our goal is to continue to build our growing information portal, by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Contact

CloudTweaks Media
Phone: 1 (212) 763-0021

Join Our Newsletter