Saturday 24 November 2012
Choosing Cloud Services
For most people contemplating storing their data in the cloud, the most prevalent issue is keeping precious data safe and secure, making sure it’s private and will never be corrupted or lost. Creating a secure cloud environment is a complex process, and must take every step possible to guarantee your documents are protected and dispel any worries those new to the cloud may have.
Ensuring your computer data is protected from threats has always required more than just technical solutions, such as administrative, physical and organizational policies, procedures and documentation. The non-technical requirements (e.g., administrative, physical and organizational policies, procedures and documentation) are simpler to satisfy when the data resides on your local computer or on a server controlled by your enterprise. Locality is used to meet many of the non-technical requirements.
Cloud computing changes all of this by removing our dependencies on the locality of our data and requiring us to put trust in a third-party provider – the cloud. Although cloud computing can offer significant cost savings benefits and shorter development life cycles, the service comes with major security risks that exponentially enhance the cyber-security challenges. The challenges include the cloud provider outsourcing data and computer services; access control; trustworthy service metering; multi-tenancy and privacy; and legality.
A good Network Security Designer understands these challenges and architects and designs products to ensure the security requirements are satisfied. As you evaluate potential cloud-based services, keep these security guidelines in mind.
1. Secure Data Transfer – The cloud storage service should ensure the data is always traveling on a secure channel and is encrypted and authenticated using industry standard protocols, such as IPsec.
2. Secure Stored Data – The cloud storage service should ensure the data is encrypted, protecting the data from improper disclosure. The data should be encrypted end-to-end – from the moment the data is created to when it is stored. If end-to-end is not possible, make sure it is encrypted before it is stored in the cloud.
3. Access Control – The cloud storage service should ensure improper disclosure of data to unauthorized users is prevented.
4. Data Separation – The cloud storage service should ensure data is guaranteed to be accounted for and separated from other users.
Don’t commit to a cloud storage provider before evaluating it for its security measures. Unsafe clouds may disperse your data to other users or make it inaccessible altogether.
Ensuring your computer data is protected from threats has always required more than just technical solutions, such as administrative, physical and organizational policies, procedures and documentation. The non-technical requirements (e.g., administrative, physical and organizational policies, procedures and documentation) are simpler to satisfy when the data resides on your local computer or on a server controlled by your enterprise. Locality is used to meet many of the non-technical requirements.
Cloud computing changes all of this by removing our dependencies on the locality of our data and requiring us to put trust in a third-party provider – the cloud. Although cloud computing can offer significant cost savings benefits and shorter development life cycles, the service comes with major security risks that exponentially enhance the cyber-security challenges. The challenges include the cloud provider outsourcing data and computer services; access control; trustworthy service metering; multi-tenancy and privacy; and legality.
A good Network Security Designer understands these challenges and architects and designs products to ensure the security requirements are satisfied. As you evaluate potential cloud-based services, keep these security guidelines in mind.
1. Secure Data Transfer – The cloud storage service should ensure the data is always traveling on a secure channel and is encrypted and authenticated using industry standard protocols, such as IPsec.
2. Secure Stored Data – The cloud storage service should ensure the data is encrypted, protecting the data from improper disclosure. The data should be encrypted end-to-end – from the moment the data is created to when it is stored. If end-to-end is not possible, make sure it is encrypted before it is stored in the cloud.
3. Access Control – The cloud storage service should ensure improper disclosure of data to unauthorized users is prevented.
4. Data Separation – The cloud storage service should ensure data is guaranteed to be accounted for and separated from other users.
Don’t commit to a cloud storage provider before evaluating it for its security measures. Unsafe clouds may disperse your data to other users or make it inaccessible altogether.
Subscribe to:
Posts (Atom)