Story image

Five tips for tackling cloud security concerns

02 Nov 2015

Security concerns are still side-tracking many businesses as they begin their path to the public cloud. But it doesn’t have to be that way, says CompTIA.

The technology industry body says one of the top fears for businesses considering adopting public cloud infrastructure is the notion that it is public, and therefore unsecure.

“However, publicly-available cloud resources can be as secure as other computing environments through the joint efforts of IT and service providers,” CompTIA says.

Jim Hamilton, CompTIA vice president of member communities, says despite the questions security incidents raise, the transition to the cloud continues to accelerate, thanks to benefits that can be gained in areas such as agility and scalability.

“Companies beginning the long road to shifting their data and services to the public cloud often get side-tracked by security concerns,” Hamilton says.

“Most security concerns revolve around system outages and data loss. By identifying and mapping out how to respond to these concerns organisations can move forward knowing that their security is covered.” 

CompTIA says it has identified five ways organisations can tackle their security concerns: 

Know the risks One of the primary technologies supporting cloud computing is virtualisation, and it is important to understand how this may affect a security strategy, CompTIA says.

It says the management tools provided by virtualisation vendors can assist with the necessary activities to secure a virtual environment. The most important tool is a proper understanding of the environment and its risks, and knowledge of the governing policies used by cloud vendors to minimise them. 

Build on trust through evaluation. According to CompTIA’s ninth annual Information Security Trends study, 85% of cloud users report being confident or very confident in their cloud service provider’s security, despite the fact that only three in 10 customers report conducting a comprehensive review of the security policies, procedures and capabilities of their providers.

“This indicates that most public cloud customers place a lot of trust in their providers,” notes CompTIA. “However, it is important to back up this trust by evaluating cloud providers further in areas such as encryption policies and disaster recovery plans.” 

Understand that not all data is meant for the cloud All signs point to even greater levels of cloud adoption in the coming years, but it could be some time before organisations use the cloud for the majority of their systems. Certain types of data and applications, such as confidential financial data, credit card data, and sensitive IP will remain on-premise.

For organisations especially concerned about security, there will continue to be a need for secure on-premise solutions, CompTIA says.

Know compliance requirements Organisations transitioning to the cloud need to know their compliance requirements or risk discovering a security-related element that forces a change of plans after a data breach incident. IT solution providers and cloud vendors can provide an additional layer of compliance assurance. 

Understand different views of security Cloud computing lowers the barrier of entry to technology and gives access to areas that have traditionally required cooperation with the IT department. Yet business staff who begin using cloud solutions without the backing of the IT team may not be considering where data is being stored, what happens in case of an outage, or how the cloud tool is integrated into other business systems.

To help combat potential problems with which this approach, it is important businesses understand individual departments’ desire for cloud solutions regardless of the security profile they present, and implement company-wide policies to help combat them. 

SAS partners with NVIDIA on deep learning and computer vision
“By partnering with NVIDIA, we combine our strengths to augment human intelligence and realise the true potential of AI.” 
Why businesses must embrace automation to ensure success
“For many younger workers, the traditional view of a steady job at one company, perhaps for life, simply doesn’t reflect reality."
TYAN unveils new inference-optimised GPU platforms with NVIDIA T4 accelerators
“TYAN servers with NVIDIA T4 GPUs are designed to excel at all accelerated workloads, including machine learning, deep learning, and virtual desktops.”
Worldwide spending on security to reach $103.1bil in 2019 - IDC
Managed security services will be the largest technology category in 2019.
Microsoft appoints new commercial and partner business director
Bowden already has almost a decade of Microsoft relationship management experience under her belt, having joined the business in 2010.
How Cognata and NVIDIA enable autonomous vehicle simulation
“Cognata and NVIDIA are creating a robust solution that will efficiently and safely accelerate autonomous vehicles’ market entry."
Kinetica launches a new active analytics platform
"With the platform now powered by NVIDIA DGX-2, customers can build smart analytical applications that combine historical data analytics and ML-powered analytics."
Avi Networks: Using visibility to build trust
Visibility, also referred to as observability, is a core tenet of modern application architectures for basic operation, not just for security.