Tips To Lessen Cloud Security Fears

Tips To Lessen Cloud Security Fears

Simply because cloud computing is relatively new, it is still plagued with unfounded fears and doubts, the most prevalent of which is that of security. The truth is that it is just as safe as traditional networking technology, and sadly carries most of its vulnerabilities as well. But this just proves that it can be trusted in terms of security just as much as any technology we are using now. Granting, cloud computing is for the most part, just a new way of applying current technology.

To foster its adaption, we the proponents of cloud computing should try and convince the rest of the industry of its merits and dispel all the myths surrounding it. Let us start with the most prevalent hindrance to its adaption, security. So here are some tips in order to heighten our sense of security for cloud computing in general.

Choose wisely which applications are placed on the public cloud. The public cloud is the most convenient place for running our applications and placing our data because generally we are “hands off” when it comes to the maintenance, security, and general integrity of the aforementioned items. These are all taken care of by the service provider. But this in itself is kind of a security risk, having multiple individuals from a third party have access to your applications and data. We could never be sure about those persons because we would have no hand in hiring them and no idea of their backgrounds. So the best way for companies to do is plan ahead which mission critical applications and data go into the public cloud and which ones should be retained internally or invested into a more secure and hands on private cloud. Simpler things like websites, testing applications, product catalogs and specifications would probably be safe with the default cloud security being provided. Applications and data which are more sensitive or classified should be kept close at hand.

Evaluate the required layers of security. We are a paranoid bunch of creatures and often feel safer when there are layers upon layers of something to protect us. For example two locks make you feel safer than just one, a belt ensures you that your pants will not fall even if they already are a perfect fit, and we of course would feel safer in a tank rather than in a glass house when guns are involved.

This goes the same for our sensitive data. Always make sure that there are other security measures in place just in case one of them happens to fail, but you must also make certain that this kind of data or application also requires extra security and, hence justifying the extra cost. Authentication layers would greatly help in this regard. This is important because some types of application and data might simply not be worth enough for anyone to try and steal them, so they also require little security.

Find the perfect third party security auditing services. We simply can’t take anyone’s word for anything especially is security is involved. Though it could be true that your service provider is a real security expert, it often helps to increase our peace of mind knowing that another supposedly expert party is reinforcing this fact. In short get the opinions of other security experts by having them periodically audit your service.

Security should be front and center in your SLA. When drafting the service level agreement with your provider, make sure that security is being reinforced as highly important. Make sure that there are available auditing tools and reporting functions, otherwise the contract would be useless without any way of assessing how the security is holding up.

By Salam Abdul

About Abdul

Abdul is a senior consultant with Energy Services, and author of numerous blogs, books, white papers, and tutorials on cloud computing and accomplished technical writer with CloudTweaks. He earned his bachelor’s degree in Information Technology, followed by an MBA-IT degree and certifications by Cisco and Juniper Networks.

He has recently co-authored: Deploying and Managing a Cloud Infrastructure: Real-World Skills for the CompTIA Cloud+ Certification (Wiley).

View All Articles

Sorry, comments are closed for this post.

Who’s Ready For The Cloud, And Can Deliver!

Who’s Ready For The Cloud, And Can Deliver!

Cloud Ready In my article last month, I discussed how the managed service provider (MSP) industry has been continuously urged to embrace the cloud, but in the end, could they? I answered the questions by describing several impediments and challenges that I believe are preventing MSPs from generating significant revenue and successfully fulfilling their client’s…

From Illusion To Reality: Up Personal On Cloud Computing Privacy

From Illusion To Reality: Up Personal On Cloud Computing Privacy

Cloud Computing Privacy We are under an illusion around the cloud computing. Without a doubt the benefits are incredible. However, cloud impacts personal user privacy and potentially exposes their private data in ways they may not have anticipated. Given that users don’t usually read the terms of service and privacy policies, it is unclear how…

OpenStack Interoperability – Dawn Of A New Era?

OpenStack Interoperability – Dawn Of A New Era?

The Interoperability Challenge! OpenStack has always had interoperability as one of its unique selling points. Simply put – you can use OpenStack on-premise and what you develop will also work with other OpenStack environments. Open APIs and open source is the common denominator. However until now, it has been an elusive feature or really dream…

Is Fear Holding Back a Next Generation of Cyber Security Approaches?

Is Fear Holding Back a Next Generation of Cyber Security Approaches?

Next Generation of Cyber Security As I walked through RSA last week, I was struck by the usual fear laden messages “You’re not safe and never will be but I (vendor) have a silver bullet that will protect you.” And, I wondered if this fear-based approach is deterring a badly needed next generation of cyber…

Disaster Recovery – A Thing Of The Past!

Disaster Recovery – A Thing Of The Past!

Disaster Recovery  Ok, ok – I understand most of you are saying disaster recovery (DR) is still a critical aspect of running any type of operations. After all – we need to secure our future operations in case of disaster. Sure – that is still the case but things are changing – fast. There are…

New Smartphones From Apple, Samsung and HTC Promise To Light Up 2016

New Smartphones From Apple, Samsung and HTC Promise To Light Up 2016

New Smartphones from Apple, Samsung and HTC (Sponsored post courtesy of Verizon Wireless) The launch of the Galaxy S7 Edge at the Mobile World Congress in Barcelona during February was the first shot in a vintage year for mobile phones. The S7 is an incredible piece of hardware, but launches from HTC and Apple later in the…

Featured Sponsored Articles
How Successful Businesses Ensure Quality Team Communication

How Successful Businesses Ensure Quality Team Communication

Quality Team Communication  (Sponsored post courtesy of Hubgets) Successful team communication and collaboration are as vital to project and overall business success as the quality of products and services an organization develops. We rely on a host of business tools to ensure appropriate customer interactions, sound product manufacturing, and smooth back-end operations. However, the interpersonal relationships…

Featured Sponsored Articles
How To Develop A Business Continuity Plan Using Internet Performance Management

How To Develop A Business Continuity Plan Using Internet Performance Management

Internet Performance Management Planning CDN Performance Series Provided By Dyn In our previous post, we laid out the problems of business continuity and Internet Performance Management in today’s online environment.  In this article, we will take a look at some of the ways you can use traffic steering capabilities to execute business continuity planning and…

Featured Sponsored Articles

CloudTweaks is recognized as one of the leading influencers in cloud computing, infosec, big data and the internet of things (IoT) information. Our goal is to continue to build our growing information portal by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Sponsor