One of the biggest innovations of this game-changing decade is cloud computing. Abandoning purely internal applications and data storage is set already underway with consumers, small businesses and large businesses, applications and data in the cloud. The ubiquitous question, however, whether it is safe to do so. IT security in the cloud is the biggest concern among those the technology under consideration by far. And if you are an IT manager, it's good to be paranoid. Losses from cybercrime and the attack can be enormous, and 2008 show the CSI Computer Crime and Security Survey, an annual average total loss of $ 300,000 beat.
It may seem like a leap of faith seem to put their valuable data and applications in the cloud, and rely more on the security of cloud computing to third parties. But faith is not part of the equation, it should not be. Every company needs to know that their data and applications are secure, and the issue of security should be handled in the cloud.
In fact, cloud security has several advantages. According to NIST include cloud security benefits:
move or data to an external public cloud reduces internal exposure of sensitive data
Ceiling or homogeneity makes security monitoring / testing easier
or Cloud enable the management of automated security
or redundancy / disaster recovery
The four points are in order. Cloud providers are incorporated cloud as part of their business models, which often would a single user generally naturally strict IT security. In this sense, it is to provide not only a question of the cloud vendors more security, the point is rather that the precautions that employ individual companies should, but often do not.
A common security model
Most application providers require a certain level of security to their applications, but concerns about international laws that protect privacy in the cloud application providers their own proprietary methods for Cloud Security implement computer data occur exposure to foreign companies, isolated approaches authentication and role-based and leakages in the access of multi-tenant architectures. Security issues have delayed the introduction of the technology of cloud computing, but should be no problem.
The nature of a cloud platform is that it imposes an instance of common software components that can be used by developers to write their applications to "pin" without from scratch. This advantage is particularly useful in the field of security. The "platform as a" cloud service provides an elegant solution to the security problem by a standard security model implementation of authentication for the privacy policies and user permission to manage the would immediately benefit from solid model and the safety of the standard platform role-based access, secure storage, Multi -Tenancy and. Consequently, any SaaS application on a common platform.
physical security than the cloud provider
Lack of physical security is the cause of a large amount of loss and internal attacks represent a surprisingly high percentage of loss. And while the specter of black hats piracy in the network of a third world country is very real, very often, the "black hat" is actually a trusted employee. It's the kind of lunch with accounting. There is the lady who brings you coffee in the morning and always remember, you want two lumps of sugar. He is a recent graduate from college with a lot of potential, he has done a great job in the last report.
Of course, can attack your network and data insider, no matter where it is, it is only a matter of incentives and information, but the proximity of equipment and real data, it is much easier to access and cloud tend datacenters better internal physical security protocols, including locked rooms, controlled access and other measures against theft and physical manipulation to protect.
Conclusion: Superior by cloud security
In addition to physical security, is the technical safety of the utmost importance. Accommodation own servers and applications require additional measures. A large organization need to implement dedicated security only the IT staff. Cloud computing, on the other hand, the security on the basis of cloud computing directly into the cloud platform. Although the company does not have to maintain the safety of the house, in any case, the supplier must ensure that applications and data are secure against attacks.
We tend to believe that he is in control of all things inherently safer if it is not. Small businesses can all security personnel trained in the house is missing, and often large companies do not simply have the resources to devote to the implementation of strict safety on a continuous basis. A cloud computing provider, maintains on the other hand, the service and security personnel trained in the company to a detailed level agreement often provides increased safety of alternative, provide at home compared.
For more information about cloud computing, please visit http://www.cloudipedia.com for a free copy of "Cloud Computing Made Easy". Cloudipedia is a property of the Virtual Global, a business solutions provider and cloud-ready team Host ?? to build cloud computing platform for SaaS applications without programming.
