Common Concerns That People Have When Considering Using Cloud Computing
- How Do I Insure That My Data is Safe and Secure Out In the Cloud?
- How Do I Get the Benefits of the Cloud Computing without the worries of data being stolen or compromised?
For corporations, cloud can be a dangerous place where competitors and strangers may share the same physical servers, storage, and data paths. Cloud service providers must provide the proper security
mechanism to insure that customer data is safe and secure and no one else can intentionally or inadvertently get that data.
Cloud Computing Implications and Requirements
Let's examine the implications of cloud computing and what are required to make cloud computing safe and secure:
1. Cloud computing means that physical computing resources are shared among customers. Cloud service providers must insure that data in servers, storage, and in transit for each customer is safe and
2. Cloud computing makes all accesses remote. Users inside corporate LAN are now all remote users. In order to insure that only authorized users can access certain cloud computing resources,
each user should have separate and secured communications path.
3. All end point devices must be checked for security compliance and all users must be authenticated and authorized before access to the
cloud resources is granted.
Traditional security defense point solutions – network firewalls, IPS, IDS, anti-virus solution, etc. are no longer effective in securing enterprise applications in an open environment where physical
computing resources and data center LAN infrastructure are shared among customers.
In order to meet the requirements identified above, cloud computing services must have end-to-end security that:
1. Protects server data (at rest) against theft and unauthorized access
2. Protects data in transit between servers and all the way to client end points
3. Insures client end
points are clean and non-intrudeable. With comprehensive end point security check to insure that only the authorized people and devices get access and the client ends are free of viruses and malwares, these end
points must be inspected before allowing access to the cloud resources. This includes end-point security compliance, end-point/user authentication, user based granular access control, data leakage prevention,
logging and audit, and data cleanup
This means only authorized users and security compliant devices are allowed to access servers and storage in the cloud, each user and device should have separate and secure communication path, and the
cloud computing resources must be secured as well. This forms an air tight secured cloud computing environment for each customer.