Skip to main content

How to avoid security pitfalls of Cloud Computing?

Steve, CTO at Secerno has written a neat article on security around CC.

Demystifying cloud computing

The realities of cloud computing are that it is driven by economics; and reducing cost does not always mean an improvement in security. Securing data isn't an easy task and exposing services and moving data outside an organisation does not automatically make data security easier, it can actually make it more complex. Those adopting cloud computing must remember it is the responsibility of the data owner, not the service provider to secure valuable data.

There are many myths surrounding the security of cloud computing, which need to be addressed to enable businesses to get the full benefits of this technology. Design and implementation of access controls is just as important and easy to get wrong in-the-cloud as it is in any IT system, but exposure to remote attackers is higher in-the-cloud, accentuating the risks. There is a perception that cloud computing removes data compliance pains, however it should be clear that the data owner is still fully responsible for compliance. Furthermore, concentrating several companies' mission critical data in a single location provides an enriched target that will inevitably attract the forces of e-crime. Hackers only have to get lucky once – the cloud must defend the data from all misuse – a tough job!

Cloud computing is not necessarily more secure; applications with years of expert development still contain undiscovered vulnerabilities that can be a risk to data security. There is insufficient evidence that cloud computing providers have got it right yet; nor for that matter, have the organisations in determining and enforcing which users have access to what.

Cloud applications undergo constant feature additions and users must keep up to date with the application improvements to ensure they are protected. This means that users have to constantly upgrade as an older version will not function, or protect the data.


Source

Comments

  1. Wow, where to start...

    Not for nothing, but I'm not sure this article demystified anything other than the fact that re-hashing the same privacy arguments brought forward by SaaS years ago is certainly a new trend.

    I do take argument with this statement however:

    "Those adopting cloud computing must remember it is the responsibility of the data owner, not the service provider to secure valuable data."

    ...actually it's the responsibility of BOTH parties. If it isn't, the folks negotiating your partner contracts ought to look for other work. BOTH parties are stewards of the information and should exercise due care in protecting it.

    Further, it's really odd that somehow the "cloud" means "massively distributed." That's not really the case with most SaaS offerings re-branded as "cloud offerings." There are LOTS of clouds, but that doesn't mean they are interconnected, federated or widely distributed outside of the datacenters serving them.

    OK, I sense a blog post coming...

    /Hoff

    ReplyDelete
  2. Wow, where to start...

    Not for nothing, but I'm not sure this article demystified anything other than the fact that re-hashing the same privacy arguments brought forward by SaaS years ago is certainly a new trend.

    I do take argument with this statement however:

    "Those adopting cloud computing must remember it is the responsibility of the data owner, not the service provider to secure valuable data."

    ...actually it's the responsibility of BOTH parties. If it isn't, the folks negotiating your partner contracts ought to look for other work. BOTH parties are stewards of the information and should exercise due care in protecting it.

    Further, it's really odd that somehow the "cloud" means "massively distributed." That's not really the case with most SaaS offerings re-branded as "cloud offerings." There are LOTS of clouds, but that doesn't mean they are interconnected, federated or widely distributed outside of the datacenters serving them.

    OK, I sense a blog post coming...

    /Hoff

    ReplyDelete

Post a Comment

Popular posts from this blog

Get Vyatta Virtual Appliance, now VMware certified!

We all know Vyatta, don't we?

Vyatta, the leader in Linux-based networking, today announced that its open-source networking software has received VMware Virtual Appliance Certification, thereby providing customers with a solution that has been optimized for a production-ready VMware environment. The company also announced it has joined the VMware Technology Alliance Partner (TAP) Program. As a member of TAP, Vyatta will offer its solutions via the TAP program website. With the Vyatta virtual appliance for VMware environments, organizations can now include Vyatta’s router, firewall and VPN functions as part of their virtualized infrastructure.

Vyatta combines enterprise-class routing and security capabilities into an integrated, reliable and commercially supported software solution, delivering twice the performance of proprietary network solutions at half the price. Running Vyatta software as virtual appliances gives customers many more options for scaling their data centers and cons…

3PAR adds native LDAP support to simplify administration

3PAR®, the leading global provider of utility storage, announced today native support for lightweight directory access protocol (LDAP). Support for LDAP enables centralized user authentication and authorization using a standard protocol for managing access to IT resources. With 3PAR’s support for LDAP, customers are able to now integrate 3PAR Utility Storage--a simple, cost-efficient, and massively scalable storage platform—with standard, open enterprise directory services. The result is simplified security administration with centralized access control and identity management.

“3PAR Utility Storage already provides us with a reliable, shared, and easy-to-use consolidated storage platform,” said Burzin Engineer, Vice President of Infrastructure Services at Shopzilla. "Now, with 3PAR support for LDAP, managing security commonly--across all our resources, including storage--is also simple and efficient.”

Press Release

DeepLearningTrucker Part 1