RANSOMWARE TRACKING MAPS

Recent problems experienced with Ransomware are evident from infections, which have occurred in 99 countries including China and Russia. The organization that was worst hit by the attack was the National Health Service in England. It was reported that there was a WannaCry programme that demanded...

Is My Public Cloud Too Public? Part 5

Is My Public Cloud Too Public? Part 5 (Conclusion)

Continued From Part 4

The ideal cloud equation

Control + Visibility = Trust

A cloud deployment that overcomes these myths is built on trust. Trust cannot be achieved without control and visibility across the cloud infrastructure, identities, and information.

Control

  • Availability: Ensure access to resources and recovery following disruption or failure.
  • Integrity: Guarantee that only authorized personnel can access specific information and applications.
  • Confidentiality/privacy: Protect how information and personal data is obtained and used

Visibility

  • Compliance: Comply with specific legal requirements, and industry standards and rules.
  • Governance: Establish usage rights and enforce policies, procedures, and controls.
  • Risk management: Manage threats to business disruptions or derived exposures.

Changing realities

Cloud computing promises to change the economics of the datacenter, but before sensitive and regulated data move into the public cloud, issues regarding security standards and compatibility must be addressed, including strong authentication, delegated authorization, key management for encrypted data, data loss protection, and regulatory reporting. All these are elements of a secure identity, information and infrastructure model, and are applicable to private and public clouds as well as to IAAS, PAAS and SAAS services.

While security emerges as a major concern among the barriers to adoption of cloud computing, the key to understanding security in cloud computing is to realize that the technology is not new or untested. It represents the logical progression to outsourcing of commodity services to many of the same trusted IT providers we have already been using for years.

Having said that, cloud security is part of the inevitable progression of IT. It must be embraced by organizations if they wish to stay competitive. Companies who approach cloud computing with a mature attitude need not be afraid of entering the cloud due to security concerns. Dealing with security in the cloud is no more difficult than addressing it internally. And there are steps you can take that can make cloud security just as effective—or even more so—as your internal IT.

By Gopan Joshi

Gopan is Product Manager: Cloud Computing Services, Netmagic Solutions Pvt. Ltd. and has expertise in managing products and services in various market scenarios and life cycle stages. His experiences ranges from introducing cutting edge innovations in existing products, existing markets to new technology, new markets

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as technology related infographics and comics.

SYNDICATED NEWS SOURCES

(ISC)2 and Cloud Security Alliance Host Cloud Security Summit to Help Cybersecurity Pros Securely Harness Cloud Technologies

By CloudBuzz | September 22, 2017

(ISC)2 and Cloud Security Alliance Host Cloud Security Summit Research cites strengthening of cloud security skills top priority over next three years CLEARWATER, Fla. ,Sept. 22, 2017 /PRNewswire-USNewswire/ — (ISC)² today announced it’s partnering with the Cloud Security Alliance (CSA) for the CSA…

Exclusive: T-Mobile, Sprint close to agreeing deal terms – Sources

By CloudBuzz | September 22, 2017

(Reuters) – T-Mobile US Inc (TMUS.O) is close to agreeing tentative terms on a deal to merge with peer Sprint Corp (S.N), people familiar with the matter said, a major breakthrough in efforts to merge the third and fourth largest…

Hack of U.S. securities regulator rattles investors, stirs doubts

By CloudBuzz | September 21, 2017

WASHINGTON/NEW YORK (Reuters) – Wall Street’s top regulator faced questions on Thursday about its defenses against cyber criminals after admitting hackers breached its electronic database of corporate announcements and may have used it for insider trading. The incursion at the…

Leaking Cloud Databases and Servers Expose Over 1 Billion Records

By CloudBuzz | September 21, 2017

Servers Expose Over 1 Billion Records As The Wall Street Journal recently pointed out, some clients of cloud service providers such as Amazon and Microsoft are accidentally leaving their cloud databases exposed due to misconfigurations of their services. Coupled with recent headline-making…

Thales Joins the Microsoft Enterprise Cloud Alliance

By CloudBuzz | September 21, 2017

SAN JOSE, Calif., Sept. 21, 2017 /PRNewswire/ — Thales, a leader in critical information systems, cybersecurity and data security, is now a member of the Microsoft Enterprise Cloud Alliance (ECA). Designed to foster innovation and promote awareness of partner solutions, the ECA membership…

Addressing the UK NCSC’s Cloud Security Principles

By CloudBuzz | September 20, 2017

As your organization adopts more cloud services, it’s essential to get a clear picture of how sensitive data will be protected. Many authorities, from government regulators, to industry standards bodies and consortia, have provided guidance on how to evaluate cloud…