What is Cloud Security?

There are two aspects to Cloud Security. Firstly, cloud-based security software such as email virus scanning, anti-spam services, internet web threat protection and user monitoring services. These solutions are often cloud based – or a hybrid of on-remise and cloud-based software.
Secondly, there is a great deal of debate about the security of moving services to the cloud. This debate tends to concentrate on risk, data management and new models of federated security tools.

I’m interested in cloud-based security solutions. What do I need to know?
The first stop is Compare the Cloud’s cloud comparison tool – here we list many of the cloud-based security solutions available in the market.

I’m interested in the debate about whether moving my IT environments to a cloud-based Infrastructure as a Service (IaaS) model or Platform as a Service (PaaS) model is secure. What do I need to know?
Some people have expressed concern that moving to a cloud-based Infrastructure model is necessarily less secure than owning, hosting and maintaining IT infrastructure in-house. However, this isn’t necessarily the case; the security of each model will depend on how each environment is managed.

Some commentators have argued that fears about cloud security are more about a feeling of loss of control rather than based on solid security grounds: “Security has become a full-time job and requires a tremendous amount of expertise to do it right on-premises. For all the fear of the cloud, the fact is companies are routinely hacked, and many never even know it. In reality, your on-premises systems are not more secure than the cloud.”

Nevertheless, there are security risks inherent in any environment and the cloud is no exception. These need to be considered carefully and clear lines of responsibility drawn between cloud service provider (CSP) and customer.

What security measures does my CSP need to have in place?

Of course, security and data compliance requirements will vary depending on the industry you operate in and business policies. It is important to speak with your CSP to work out a model which matches your requirements.

The Cloud Security Alliance identifies fourteen areas that require consideration:

  • Cloud Architecture
  • Governance and Enterprise Risk Management
  • Legal
  • Contracts and Electronic Discovery
  • Compliance and Audit
  • Information Management and Data Security
  • Portability and Interoperability
  • Traditional Security
  • Business Continuity and Disaster Recovery
  • Data Centre Operations
  • Incident Response
  • Notification and Remediation
  • Application Security
  • Encryption and Key Management
  • Identity and Access Management
  • Virtualisation
  • Security as a Service
+ posts

Unlocking Cloud Secrets and How to Stay Ahead in Tech with James Moore

Newsletter

Related articles

Driving the Future of Connectivity with Data Centres

As an astonishing matter of fact, there are 5.3 billion people...

Willow’s Breakthroughs in Quantum Stability

The Start of a New Era Have you heard the...

Cloud Computing Demands Robust Security Solutions

Modern organisations are increasingly reliant on cloud computing to...

Unlocking the future of manufacturing; AIOps network optimisation

Global manufacturing activity has failed to show signs of...

Why is the hybrid cloud the future of computing?

Have you ever wondered how companies can benefit from...
Previous article
Next article