Five Best Practices for Cloud Security
Tips on how to better secure your cloud computing environment.
Even as people become more familiar with cloud computing and more willing to adopt it into their business, there is still a lot of fogginess when it comes to cloud security. Most IT professionals don’t trust it.
That’s what GreenSQL found in its October survey. According to the results, 81 percent of IT professionals have serious security concerns about the cloud. GreenSQL asked one question in its survey: What is your main security concern when moving your database to the cloud? The results were:
- 31 percent: I do not trust the level of security in cloud services
- 28 percent: Compliance and regulations requirements do not allow moving data to the cloud
- 22 percent: I cannot control my data on the cloud
- 19 percent: Cloud services are not mature yet
Those results mesh well with the general comments I hear and read when talking to IT professionals about the cloud. But is cloud security as scary as it is made out to be?
Bernard Golden at CIO thinks there is too much attention paid to cloud security and that is slowing down adoption of cloud computing in the enterprise space. He pointed out other areas where IT departments don’t question adoption of a technology because of security issues. So why is cloud security suddenly an issue? And then he added that the cloud may actually benefit the company’s overall security:
For many organizations and users, public cloud computing actually represents a huge step upward in security. I recently talked to the CEO of a small healthcare SaaS provider called Healthonomy, which leverages Amazon Web Services to achieve HIPAA compliance. Using AWS made this possible, because it’s unlikely that this tiny company, should it use its own data center or a colocation facility, could afford to implement the infrastructure requirements necessary to achieve HIPAA compliance, the CEO says. Moreover, he adds, Amazon’s security was enormously better than the “PC under someone’s desk” situation typical of Healthonomy’s small-practice physician customers.
I think Golden may be on to something. I don’t think it is cloud security in and of itself that is the problem, but rather it is an excuse because of all the unknowns in the cloud. Take another look at the responses to the GreenSQL survey. Yes, they worry about it, but, overall, they are worried about the unknown. They worry about what they can’t control.
If cloud security is the excuse for avoiding cloud adoption, the solution may be better overall education on cloud computing in general. Yes, there are security concerns, but as Golden pointed out, security concerns are everywhere, and perhaps, after understanding how the cloud and cloud security works, it may turn out to be the best security option available for your business.