Cloud Computing News

The ever-present question however, is whether it is safe to put mission-critical data on the cloud. The very term “cloud” implies that your sacred information is being stored someplace, and you probably don’t even know where or how. To little surprise, security is the far biggest concern among those considering cloud technology.

Yet, cloud computing is too big to ignore. It is likely the most significant shift in computing paradigms in the past 30 years. That shift is well underway, with consumers, small and midsize businesses, and even large enterprises putting applications and data into the cloud. They are shifting from pure on-premises applications and data storage to virtualized servers with hopefully reputable vendors.

If you’re an IT manager, it’s good to be paranoid. Losses from cybercrime and attack can be enormous, and the 2008 CSI Computer Crime and Security Survey show an overall average annual loss of just under $300,000.

It may seem like a leap of faith to put your valuable data and applications in the cloud, and to trust cloud computing security to a third party. Yet faith is not a part of the equation, nor should it be. Every enterprise needs to know that its data and applications are secure, and the question of cloud computing security must be addressed.

In fact, the cloud does have several security advantages. According to NIST, these cloud computing security advantages include:

· Shifting public data to a external cloud reduces the exposure of the internal sensitive data

· Cloud homogeneity makes security auditing/testing simpler

· Clouds enable automated security management

· Redundancy / Disaster Recovery

All four points are well taken. Cloud providers naturally tend to include rigorous cloud computing security as part of their business models, often more than an individual user would do. In this respect, it’s not just a matter of cloud computing providers deploying better security, the point is, rather, that they deploy the precautions that individual companies should, but often don’t.

Is 2010 the year of cloud platforms?

Most application providers impose some level of security with their applications, although when cloud application providers implement their own proprietary approaches to cloud computing security, concerns arise over international privacy laws, exposure of data to foreign entities, stovepipe approaches to authentication and role-based access, and leaks in multi-tenant architectures. These security concerns have slowed the adoption of cloud computing technology, although it need not pose a problem.

Are cloud “platforms as a service” the answer? The very nature of a cloud platform is that it imposes an instance of common software elements that can be used by developers to “bolt on” to their applications without having to write them from scratch. This advantage is especially useful in the area of security. The cloud platform brings an elegant solution to the security problem by implementing a standard security model to manage user authentication and authorization, role-based access, secure storage, multi-tenancy, and privacy policies. Consequently, any SaaS

Comments are closed.