A common perception about cloud computing is that it is simply unsafe. Can a cloud, whether it's private or public, really offer the same level of security that traditional, on-premises IT does?
This year, cloud's 'unsecure' perception has slowly started to crumble under the weight of use cases and expert research, and because of this, cloud computing has gained a foothold in the enterprise IT market. This means that companies are looking more and more to advice on how to best secure a cloud environment, now that they're making the migration. Here are the top five tips on cloud computing security we’ve featured this year.
5. Cloud data security outside the vacuum: Find 'acceptable' levels of risk
Each enterprise is going to have a different opinion on what is an acceptable level of risk for their data. The key, according to cloud expert Tom Nolle, is to not view cloud computing security in a vacuum by looking only at the security of the application. Instead, an enterprise must look at the security of the cloud itself relative to their current data center hosting. This way, an enterprise can determine just how much risk they are willing to take on in a cloud migration.
4. Amid security concerns, cloud insurance makes headway in the enterprise
So you’ve made the decision to migrate to the cloud, and may have even chosen a provider. But you are still a bit apprehensive about the level of security you’ll have in the cloud and may be looking to third parties to help. Cloud expert Paul Korzienkowski discusses the pros and cons of purchasing cloud insurance – which is carving out a new market share among insurance providers -- to protect against potential losses. Korzienkowski claims that soon cloud providers may offer cloud insurance themselves as part of service-level agreements.
3. Four keys to implementing a cloud file-sharing policy in the BYOD era
Let’s face it: Employees are going use personal devices and share files whether you sanction it or not. So providing a safe, accessible way for them to do so is crucial. Cloud file-sharing services introduce a great deal of security risk unless properly managed. Dan Sullivan offers a four-point plan to craft an effective cloud syncing and file-sharing policy amid the bring-your-own-device (BYOD) era.
2. Clearing networking and security hurdles of private cloud adoption
As the cloud computing market evolved in 2013, a big mover was the private cloud sector. Private cloud, however, presents challenges that are similar to those in a virtualization project, according to Bob Plankers. Planning for building a private cloud can mean building on your IT group’s traditional security models and taking advantage of newer cloud tools and services. Getting each team involved early in the migration process will go a long way to ensuring a successful private cloud migration.
1. Securing data with Authentication as a Service in the cloud, mobile era
Managing users and their identities has gotten more difficult than ever for IT personnel as cloud services -- particularly Software as a Service (SaaS) --and mobile devices become more prevalent in the enterprise. While major security risks make headlines, such as outages and privacy scandals, cloud security pros face challenges every day with passwords and user logins. Single sign-on systems in the cloud, called Authentication as a Service (AaaS), can deliver many of the benefits found in SaaS to authentication management. Protecting your enterprise is job No. 1 for security pros, and AaaS seeks to do just that.
This was first published in December 2013