Recent problems experienced with Ransomware are evident from infections, which have occurred in 99 countries including China and Russia. The organization that was worst hit by the attack was the National Health Service in England. It was reported that there was a WannaCry programme that demanded...

Tips To Lessen Cloud Security Fears

Tips To Lessen Cloud Security Fears

Simply because cloud computing is relatively new, it is still plagued with unfounded fears and doubts, the most prevalent of which is that of security. The truth is that it is just as safe as traditional networking technology, and sadly carries most of its vulnerabilities as well. But this just proves that it can be trusted in terms of security just as much as any technology we are using now. Granting, cloud computing is for the most part, just a new way of applying current technology.

To foster its adaption, we the proponents of cloud computing should try and convince the rest of the industry of its merits and dispel all the myths surrounding it. Let us start with the most prevalent hindrance to its adaption, security. So here are some tips in order to heighten our sense of security for cloud computing in general.

Choose wisely which applications are placed on the public cloud. The public cloud is the most convenient place for running our applications and placing our data because generally we are “hands off” when it comes to the maintenance, security, and general integrity of the aforementioned items. These are all taken care of by the service provider. But this in itself is kind of a security risk, having multiple individuals from a third party have access to your applications and data. We could never be sure about those persons because we would have no hand in hiring them and no idea of their backgrounds. So the best way for companies to do is plan ahead which mission critical applications and data go into the public cloud and which ones should be retained internally or invested into a more secure and hands on private cloud. Simpler things like websites, testing applications, product catalogs and specifications would probably be safe with the default cloud security being provided. Applications and data which are more sensitive or classified should be kept close at hand.

Evaluate the required layers of security. We are a paranoid bunch of creatures and often feel safer when there are layers upon layers of something to protect us. For example two locks make you feel safer than just one, a belt ensures you that your pants will not fall even if they already are a perfect fit, and we of course would feel safer in a tank rather than in a glass house when guns are involved.

This goes the same for our sensitive data. Always make sure that there are other security measures in place just in case one of them happens to fail, but you must also make certain that this kind of data or application also requires extra security and, hence justifying the extra cost. Authentication layers would greatly help in this regard. This is important because some types of application and data might simply not be worth enough for anyone to try and steal them, so they also require little security.

Find the perfect third party security auditing services. We simply can’t take anyone’s word for anything especially is security is involved. Though it could be true that your service provider is a real security expert, it often helps to increase our peace of mind knowing that another supposedly expert party is reinforcing this fact. In short get the opinions of other security experts by having them periodically audit your service.

Security should be front and center in your SLA. When drafting the service level agreement with your provider, make sure that security is being reinforced as highly important. Make sure that there are available auditing tools and reporting functions, otherwise the contract would be useless without any way of assessing how the security is holding up.

By Salam Abdul

About CloudBuzz

Daily tech news snapshots and insights from around the world...


(ISC)2 and Cloud Security Alliance Host Cloud Security Summit to Help Cybersecurity Pros Securely Harness Cloud Technologies

By CloudBuzz | September 22, 2017

(ISC)2 and Cloud Security Alliance Host Cloud Security Summit Research cites strengthening of cloud security skills top priority over next three years CLEARWATER, Fla. ,Sept. 22, 2017 /PRNewswire-USNewswire/ — (ISC)² today announced it’s partnering with the Cloud Security Alliance (CSA) for the CSA…

Exclusive: T-Mobile, Sprint close to agreeing deal terms – Sources

By CloudBuzz | September 22, 2017

(Reuters) – T-Mobile US Inc (TMUS.O) is close to agreeing tentative terms on a deal to merge with peer Sprint Corp (S.N), people familiar with the matter said, a major breakthrough in efforts to merge the third and fourth largest…

Hack of U.S. securities regulator rattles investors, stirs doubts

By CloudBuzz | September 21, 2017

WASHINGTON/NEW YORK (Reuters) – Wall Street’s top regulator faced questions on Thursday about its defenses against cyber criminals after admitting hackers breached its electronic database of corporate announcements and may have used it for insider trading. The incursion at the…

Leaking Cloud Databases and Servers Expose Over 1 Billion Records

By CloudBuzz | September 21, 2017

Servers Expose Over 1 Billion Records As The Wall Street Journal recently pointed out, some clients of cloud service providers such as Amazon and Microsoft are accidentally leaving their cloud databases exposed due to misconfigurations of their services. Coupled with recent headline-making…

Thales Joins the Microsoft Enterprise Cloud Alliance

By CloudBuzz | September 21, 2017

SAN JOSE, Calif., Sept. 21, 2017 /PRNewswire/ — Thales, a leader in critical information systems, cybersecurity and data security, is now a member of the Microsoft Enterprise Cloud Alliance (ECA). Designed to foster innovation and promote awareness of partner solutions, the ECA membership…

Addressing the UK NCSC’s Cloud Security Principles

By CloudBuzz | September 20, 2017

As your organization adopts more cloud services, it’s essential to get a clear picture of how sensitive data will be protected. Many authorities, from government regulators, to industry standards bodies and consortia, have provided guidance on how to evaluate cloud…