Open IT Forum: What are your cloud security concerns for 2011?

6345 pts.
Tags:
Cloud Computing
cloud computing management
Cloud computing security
Cloud Security
Open IT Forum
Security
Security management
Everyone has their own reasons for not wanting to experiment in the cloud, but more and more the enterprise is trusting mission critical applications to the cloud. What are your major security concerns for 2011 regarding the cloud, if any? How have those concerns changed or evolved since 2010? We'll give you 100 knowledge points for sharing your opinions and insights, good for the iPad contest happening now until February 16th.

Answer Wiki

Thanks. We'll let you know when a new response is added.

my first cloud security concern:
1.) have clear understanding the risks of cloud computing (real hands on expr.)
2.) decreasing level of computer skill needed to hack, the increasing popularity of cloud computing, hackers exploiting the cloud as they look for low hanging fruit that can lead them to monetary gain.
I spend countless hours of training and seminars on the cloud computing but I’m not clear yet on the cloud and cloud security…
at first I was thinking it just me – old age, but after speaking with few CEO/CIO – I realize I’m not alone….

Discuss This Question: 7  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • MicroAcres
    I had a serious meltdown at small legal office client who was not able to monitor their tape backup processes sufficiently and got caught with no proper backup after a thorough and complete SBS 2003 server hard drive crash. (Mirror crashed, too) After a harrowing and expensive drive data recovery process, they decided to go with a Cloud solution for both Exchange and some applications (Timeslips, Wordperfect, MS Office) . I have expressed my concern that they do not have a complete and recent backup copy of all of their business data on site at their offices, and that if the Internet goes down for any prolonged period, their business day is toast. 1. What good solution is there to having almost current copy of the applications data at their office? My suggestion to them was something like an NAS with Egnyte, which appears to solve the issue with a mirror in the cloud , while their working data is also local. 2. What are people doing for having a local copy of the Hosted Exchange data on hand locally? Just relying on the caced Exchange OST loca files for each user? Seems a bit didgy, at best. Thanks
    110 pointsBadges:
    report
  • batye
    at the present time - I could be wrong but in higher educational institution this days - student never encourage by teachers to ask Why? and What? if Co. could ask What is our security concerns and before looking for the security solution in the cloud get clear scope of the problem and solution/resolution
    3,080 pointsBadges:
    report
  • Subhendu Sen
    Of course this is a great topic that about concerns of the present cloud security scenario.... 1. Concern About Need for Better Access Control and Identity Management, there are some third parties exist that deliver some products and services that may address these issues 2. Concern About Smart Phone Data Slinging, there might be chance for hacking of the cloud provider could provide mass access to confidential mobile device data when mobile users are using cloud-based mobile device support 3. Concern About Ongoing Compliance Issues and always keep in mind it 4. Concern About Risk of Multiple Cloud Tenants, which is the most cloud services make heavy use of virtualization technology, the risks associated with multiple organizations data housed on a single physical hypervisor platform exist And the most I think, Concerns over Email Security in the Cloud ! Thanks--
    27,620 pointsBadges:
    report
  • MelanieYarbrough
    [...] What are your cloud security concerns for 2011?: Batye, MicroAcres, and Rechil expressed concern about understanding normal processes such as backups and security in relation to the new technology. [...]
    0 pointsBadges:
    report
  • MelanieYarbrough
    Test4pass: Leading the way in studying IT certifications. Best Practice, Guaranteed Certify! It can help you pass you exams .you can search "test4pass 000-152 "by Google. http://www.test4pass.com/000-152-exam.html
    0 pointsBadges:
    report
  • Pakella
    Melanie, colleagues: According to IDC, your concerns about data security are echoed by 48% of organizations that they surveyed! As a prospect, looking to acquire and use a cloud-based SaaS solution, I might consider a framework that looks something like: 1. Access/authentication security a. Are there sufficient mechanisms and controls – including multiple firewalls, data encryption, and password protection – to help ensure critical information is highly secure yet still usable and shareable? b. Are the latest security standards used? 2. System (user, application, network) security a. Are secure standards used across the stack? Within the application and across the entire business scenario? From SSL at the transport layer to APIs at the application integration layer through the integrity of the app data within the app (multi-tenancy, multi-roles) to the integrity at the end point where the user accesses the app. 3. Data security
    
    a.	Is the center running to the appropriate standards – ISO 9001, ISO 20000, and ISO 27001?
    b.	Are there strict policies that meet SAS 70 Type II audit standards?
    c.	Is personal data adequately secured – EU’s Data Protection Directive 95/46/EC?
    d.	Does it meet federal compliance standards (e.g., HIPAA)?
    e.     Is the data being backed and protected adequately?
    
    4.	Financial security
    a.	Is the hosting provider financially viable? Will they be around tomorrow, when you need them?
    
    5.	Physical security
    a.	Is the physical data center adequately protected? From miscreants, tsunamis, and other acts of man and God.
    b.	Are people working in the facility adequately monitored? (e.g., 24x7x365 surveillance, including motion-sensing, closed-circuit monitoring and recording; licensed onsite security staff; and secure card reader plus 4-digit PIN access to raised floor areas)
    
    Best
    -prasad				
    10 pointsBadges:
    report
  • CloudResearcher
    Data and Network Security will be in Focus atleast for next 2-3 years
    525 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following