Cloud Services and Cloud Hosting are rapidly transforming the IT landscape. Enterprises are showing strong interest in outsourced cloud service offerings that can help them reduce costs and increase business agility. These cloud services offer enormous economic benefits but they also pose significant potential risks for companies that must safeguard corporate information assets while complying with industry and government regulations.
Cloud Computing offers new Opportunities as well as new security challenges…
Most organizations consider cost savings as the biggest benefit to cloud computing services. Cloud services offers lower IT capital expenditures and operating costs, on-demand capacity with self-service provisioning, and pay-per-use pricing models for greater flexibility and agility. The cloud services provider achieves exponentially greater economies of scale by providing a standardized set of computing resources to a large base of customers. Many cloud hosting providers are already well positioned in the market and have the core competencies to deliver cloud computing.
Despite the clear financial benefits of cloud services there are concerns about security, compliance and data privacy. A recent survey of IT executives reveals that security is the #1 challenge facing IT cloud services. The report has identified seven specific areas of security risk associated with enterprise cloud computing, and recommends that organizations address several key issues when selecting a cloud hosting provider:
ü Access Privileges – Cloud service providers should be able to demonstrate they enforce adequate hiring, oversight and access controls to enforce administrative delegation.
ü Regulatory compliance – Enterprises are accountable for their own data even when it’s in a public cloud, and should ensure their providers are ready and willing to undergo audits.
ü Data Provenance – When selecting a provider, ask where their datacenters are located and if they can commit to specific privacy requirements.
ü Data Segregation – Most public clouds are shared environments, and it is critical to make sure hosting providers can guarantee complete data segregation for secure multi-tenancy.
ü Data Recovery – Enterprises must make sure their hosting provider has the ability to do a complete restoration in the event of a disaster.
ü Monitoring and Reporting – Monitoring and logging public cloud activity is hard to do, so enterprises should ask for proof that their hosting providers can support investigations.
ü Business Continuity – Businesses come and go, and enterprises should ask hard questions about the portability of their data to avoid lock-in or potential loss if the business fails.
The benefits of cloud computing without increasing security and compliance risks, enterprises must ensure they work only with trusted service providers that can address these and other cloud security challenges. When enterprises move from using just one cloud-based service to using several from different providers, they must manage all these issues across multiple operators, each with different infrastructures, operational policies, and security skills. This complexity of trust requirements drives the need for a ubiquitous, highly reliable method to secure your data as it moves to, from and around the cloud.
Welcome to Worry-Free iT!