Technology News

latest updates from easySERVICE™

Cloud Data Security and Privacy One of the Top Concerns

Cloud Data Security

Introduction:

Today, everything is mobile, connected, interactive, immediate, and fluid. As business expectations are high, it mounts pressure on service delivery. IT organizations, such as yours, are required to provide technology‑enabled services to the business users and customers, whenever and wherever they need them—cost-effectively, securely, and quickly. This is one of the driving forces behind the rise of cloud computing.

Cloud computing can provide new levels of collaboration, agility, speed, and cost savings for enterprises of any size and type. But getting the most out of the cloud is not a simple exercise. All services are not created equal. Each has its own requirements in terms of performance, security, control, and availability.

Almost all analyst and industry surveys list data security and privacy as top concerns for CIOs. While organizational computing resources and data in the cloud are attractive targets for attackers, the cloud computing characteristics and their associated focus on virtualization technology are driving an important change in the security focus areas.

How to protect both your physical and virtual assets, as well as data in the cloud

Only after you’ve developed a clear picture of these cloud-related focus areas, the associated risks, and your risk appetite, can you start properly defining, planning, designing, and implementing the security architecture and controls for your cloud services. To make a successful move to the cloud, you must evaluate a number of risks and manage these risks over time. These risks relate to:

  • Security of cloud access devices
  • Security and availability of the cloud platform
  • Identity and access management for the cloud
  • Security and compliance management for the cloud
  • Security impact for cloud stakeholders

Top threats in the cloud

  • Abuse and nefarious use of cloud computing
  • Vulnerable application programming interfaces
  • Malicious insiders
  • Unknown risk profile
  • Shared technology vulnerabilities
  • Data loss/leaks
  • Account, service, and traffic hijacking 

Security and compliance management for the cloud

Security management services for the cloud consist of a set of ITIL-driven management services with security impact and services such as vulnerability, compliance, and security patch management. Management services with security impact include change, incident, configuration, capacity, and availability management.

Security and compliance management for the cloud requires more than just security products; it also involves security-minded people, processes, policies, procedures, and proof to ensure that the environment operates at a certain security level. Experts refer to this as the P5 model:

  • P1—People: Ensure that the right employees with the right knowledge perform the correct roles to oversee cloud computing security.
  • P2—Policies: Ensure that the right set of policies and procedures are in place to govern the security and continuity of the cloud.
  • P3—Processes: Ensure that proper security and business‑continuity‑process models are in place to safeguard the transfer of data between the consumers and the provider of private cloud services; and ensure proper and secure operation of the cloud services.
  • P4—Products: Ensure that the appropriate defense‑in‑depth technologies and solutions are in place to manage and mitigate security risks.
  • P5—Proof: Provide validation methods, metrics, and key performance indicators to track the effectiveness of security controls in the cloud.

You need to define additional security controls to protect information assets migrated to different cloud environments, and to ascertain that the IT risk framework is extended into the cloud computing model and design. Your current investments in security need to be maintained while complying with new industry regulations—without impacting performance and availability.

Cloud Protection Program and Services can also help define and build specific security controls for VMware and Microsoft® virtualization environments.

Conclusion:

Cloud computing presents many new opportunities for you to enrich your service offerings and save costs. But at the same time, the cloud also brings new security challenges. With cloud services, the entire security ecosystem is no longer under your control and must be extended into the cloud. General security requirements that have traditionally applied to on-premise IT infrastructures are still applicable and become even more critical in the cloud.

To cope with these security challenges, you must start off with comprehensive risk understanding and analysis, as well as the creation of a proper governance, risk, and compliance program that is tailored to the cloud. You must then lay out a high-level security architecture for your cloud-based services.

Our experts can help secure your cloud no matter what services you want to provide.

  • Discovering more than four times as many critical application vulnerabilities as other solutions in the market combined
  • Preventing 550 million junk mails and 1.7 billion spam messages from reaching users monthly
  • Detecting and quarantining 45 million instances of malware annually
  • Securing more than 1 million applications and 2 billion lines of code
  • Collecting, storing, and processing 3.5 billion events daily
  • Supporting more than 3.8 million smartcards, 1.3 million tokens, 34 certificate authorities, and 54 million usernames and passwords

In a world where everything has to be “always on,” it’s crucial to have complete command over your technology environment. You need a trusted advisor who understands where your business should go and the technology decisions you need to make to get there. Combining technology intelligence and know-how with business intelligence, our service professionals have been helping organizations across the globe meet their evolving needs. They can do the same for you.

It’s about real partnership. Our consultants and support experts can work with you to transform IT, converge infrastructure, and keep technology running. At easySERVICE, we believe security for the cloud era should be information centric, built in, adaptive, and proactive. We can help you properly respond to this new threat landscape and efficiently deal with the new security dynamics.

Advertisements

One comment on “Cloud Data Security and Privacy One of the Top Concerns

  1. StellarPhoenixS
    April 14, 2014

    Reblogged this on Stellar Phoenix Solutions.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: