Tips To Lessen Cloud Security Fears

Tips To Lessen Cloud Security Fears

Simply because cloud computing is relatively new, it is still plagued with unfounded fears and doubts, the most prevalent of which is that of security. The truth is that it is just as safe as traditional networking technology, and sadly carries most of its vulnerabilities as well. But this just proves that it can be trusted in terms of security just as much as any technology we are using now. Granting, cloud computing is for the most part, just a new way of applying current technology.

To foster its adaption, we the proponents of cloud computing should try and convince the rest of the industry of its merits and dispel all the myths surrounding it. Let us start with the most prevalent hindrance to its adaption, security. So here are some tips in order to heighten our sense of security for cloud computing in general.

Choose wisely which applications are placed on the public cloud. The public cloud is the most convenient place for running our applications and placing our data because generally we are “hands off” when it comes to the maintenance, security, and general integrity of the aforementioned items. These are all taken care of by the service provider. But this in itself is kind of a security risk, having multiple individuals from a third party have access to your applications and data. We could never be sure about those persons because we would have no hand in hiring them and no idea of their backgrounds. So the best way for companies to do is plan ahead which mission critical applications and data go into the public cloud and which ones should be retained internally or invested into a more secure and hands on private cloud. Simpler things like websites, testing applications, product catalogs and specifications would probably be safe with the default cloud security being provided. Applications and data which are more sensitive or classified should be kept close at hand.

Evaluate the required layers of security. We are a paranoid bunch of creatures and often feel safer when there are layers upon layers of something to protect us. For example two locks make you feel safer than just one, a belt ensures you that your pants will not fall even if they already are a perfect fit, and we of course would feel safer in a tank rather than in a glass house when guns are involved.

This goes the same for our sensitive data. Always make sure that there are other security measures in place just in case one of them happens to fail, but you must also make certain that this kind of data or application also requires extra security and, hence justifying the extra cost. Authentication layers would greatly help in this regard. This is important because some types of application and data might simply not be worth enough for anyone to try and steal them, so they also require little security.

Find the perfect third party security auditing services. We simply can’t take anyone’s word for anything especially is security is involved. Though it could be true that your service provider is a real security expert, it often helps to increase our peace of mind knowing that another supposedly expert party is reinforcing this fact. In short get the opinions of other security experts by having them periodically audit your service.

Security should be front and center in your SLA. When drafting the service level agreement with your provider, make sure that security is being reinforced as highly important. Make sure that there are available auditing tools and reporting functions, otherwise the contract would be useless without any way of assessing how the security is holding up.

By Salam Abdul

Sorry, comments are closed for this post.

Comics
Despite Record Breaches, Secure Third Party Access Still Not An IT Priority

Despite Record Breaches, Secure Third Party Access Still Not An IT Priority

Secure Third Party Access Still Not An IT Priority Research has revealed that third parties cause 63 percent of all data breaches. From HVAC contractors, to IT consultants, to supply chain analysts and beyond, the threats posed by third parties are real and growing. Deloitte, in its Global Survey 2016 of third party risk, reported…

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

DDoS Attacks October 21st, 2016 went into the annals of Internet history for the large scale Distributed Denial of Service (DDoS) attacks that made popular Internet properties like Twitter, SoundCloud, Spotify and Box inaccessible to many users in the US. The DDoS attack happened in three waves targeting DNS service provider Dyn, resulting in a total of about…

Four Trends Driving Demand For Data Security In 2017

Four Trends Driving Demand For Data Security In 2017

Data Security Trends 2017 will be a hallmark year for security in the enterprise as all industries have reached a tipping point with respect to cloud and mobile adoption, forcing more and more data beyond the corporate firewall. Over 100 IT executives weighed in on their plans for 2017 in our latest survey; buried among…

Three Challenges of Network Deployment in Hyperconverged Infrastructure for Private Cloud

Three Challenges of Network Deployment in Hyperconverged Infrastructure for Private Cloud

Hyperconverged Infrastructure In this article, we’ll explore three challenges that are associated with network deployment in a hyperconverged private cloud environment, and then we’ll consider several methods to overcome those challenges. The Main Challenge: Bring Your Own (Physical) Network Some of the main challenges of deploying a hyperconverged infrastructure software solution in a data center are the diverse physical…

The Five Rules of Security and Compliance in the Public Cloud Era

The Five Rules of Security and Compliance in the Public Cloud Era

Security and Compliance  With technology at the heart of businesses today, IT systems and data are being targeted by criminals, competitors and even foreign governments. Every day, we hear about how another retailer, bank or Internet company has been hacked and private information of customers or employees stolen. Governments and oversight organizations are responding to…

Technology Influencer in Chief: 5 Steps to Success for Today’s CMOs

Technology Influencer in Chief: 5 Steps to Success for Today’s CMOs

Success for Today’s CMOs Being a CMO is an exhilarating experience – it’s a lot like running a triathlon and then following it with a base jump. Not only do you play an active role in building a company and brand, but the decisions you make have direct impact on the company’s business outcomes for…

Disaster Recovery – A Thing Of The Past!

Disaster Recovery – A Thing Of The Past!

Disaster Recovery  Ok, ok – I understand most of you are saying disaster recovery (DR) is still a critical aspect of running any type of operations. After all – we need to secure our future operations in case of disaster. Sure – that is still the case but things are changing – fast. There are…

Cost of the Cloud: Is It Really Worth It?

Cost of the Cloud: Is It Really Worth It?

Cost of the Cloud Cloud computing is more than just another storage tier. Imagine if you’re able to scale up 10x just to handle seasonal volumes or rely on a true disaster-recovery solution without upfront capital. Although the pay-as-you-go pricing model of cloud computing makes it a noticeable expense, it’s the only solution for many…