Gauging Cloud Security

Share  
1  |  2  |  3  |  4  |  5  |  6  |  7  |  8
Previous Next

Click through to see the seven most pressing issues facing your enterprise in the cloud.

When it comes to security and the cloud, there are many arguments both for and against. Some argue that the cloud is inherently more secure because the amount of money and the caliber of the people that any cloud computing service can throw at the problem are greater than any IT organization. Others argue that it’s only a matter of time before there is a catastrophic security breach in a cloud computing service that will affect thousands of companies and potentially millions of users.

Like all great debates, the truth lies somewhere in between, and many people will use security as a proxy for why a company should or shouldn't embrace cloud computing. The Cloud Security Alliance (CSA) and Hewlett-Packard at the RSA Conference 2010 will today during a Cloud Security Summit issue a Top Cloud Security Threats Report that outlines the real possible threats to security that might result from using a cloud computing service if enterprise customers are not careful.

According to Dennis Hurst, senior applications and security specialist for HP Software, the goal of the report is not to scare people away from cloud computing, but rather dispel some of the myths. When the seven issues outlined in the report are considered in full, the issues associated with security in the cloud have little to do with anything specific to cloud computing itself. It's just that given the scale of any cloud computing service, the potential risks associated with a security issue are immense.

Two key points made in the report are the observation that the defense in-depth capabilities of many cloud computing providers is not all equal, which in some cases may result in little more than a thin line of security at the edge of the cloud computing service. Worse yet, the cloud computing service itself may be secure, but the transport mechanisms between the cloud and the customer have been left completely unprotected.

Hurst advises customers to evaluate potential cloud computing providers using the threats outlined in the report as a guideline and consider the risks involved relative to the value of the data. This issue, in particular, is critical when deciding what the ultimate value of security is to the business, he adds. All too often, Hurst said, companies spend massive amounts of money securing data that has little to no value, while leaving the crown jewels of the company exposed in any number of ways.

Or to quote the authors of the report, CSA guidance must be applied in the context of business mission, risk, rewards, and cloud threat environment using sound risk management practices.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

AppRiverScamPreventionTips0x Five Tips to Avoid Falling Victim to Online Scammers

While vendors are busy planning ways to push sales even higher in 2014, you can be certain that just as many cyber criminals are plotting to profit from this year's "season of goodwill." ...  More >>

HAXLR8RStartups0x Robotics Take Center Stage: Ten New Hardware Startups

Recently, HAXLR8R held its Demo Day in San Francisco, where it revealed its fifth class of new hardware startups, which span the markets from wearables to security to biology. ...  More >>

Security49-190x128 Using Tokenization for Superior Data Security

With the launch of ApplePay for secure online and mobile payments, tokenization has become a hot topic in data security. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


 
Thanks for your registration, follow us on our social networks to keep up-to-date