Security in cloud computing

Tags:
Cloud Computing
Cloud Security
Security
Even though we have authentication tools for the cloud, why do we have a lack of security in public cloud, private cloud and hybrid cloud?
1

Answer Wiki

Thanks. We'll let you know when a new response is added.

There will always be a risk when using technology, no matter how secure they are. The goal is to always minimise as much risk as possible and that is dependent on some key factors such as:

  • Is the provider accredited? If so to what extent?
  • Do you have a say where your data is stored? There are some now really highly accredited and credible hybrid clouds for the enterprise that give you as much or as little control as you want
  • Does the provider work with you to identify your pain points and come up with the best possible solution? 
  • Do you have a strategy in place for your employees before you move to the cloud? People are the number one risk when it comes to cloud computing, not the technology itself 
The really strong cloud players wouldn’t have a lack of security as they should be innovating whilst deploying so will be able to help you with the above and more. 

Discuss This Question: 10  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Kevin Beaver
    I believe it's because we have cloud service providers and their customers looking at one another assuming the other guy is responsible for security. It's still common for me to see cloud service providers and businesses alike not performing any vulnerability scans and penetration testing in their environments. The SOC 2 audit report looks good, therefore everything's in check. That's not only delusional, it's a breach waiting to happen:
    https://community.rapid7.com/community/infosec/blog/2014/09/09/rely-on-data-center-audits-alone-and-you-ll-get-hit-eventually
    27,550 pointsBadges:
    report
  • Joeprior
    In cloud environment there are basically three cloud forms: Public, private and hybrid. Out of them Public cloud gives the least security among them. Private cloud gives the high security facility but is little more expensive and hybrid cloud gives high security which is not much expensive.
    500 pointsBadges:
    report
  • Brijesh
    Hybrid cloud is more secure, but that too have some issue but compare to others it is more secure.
    14,450 pointsBadges:
    report
  • ToddN2000
    If you use the cloud, you need to take responsibility for what you put there. Do not expect others to protect your data. I think we all need to be proactive when using the cloud and make it that much more secure before more companies will adopt the use of it. I still do not use it personally.
    136,240 pointsBadges:
    report
  • Elizine
    I think it all depends on the hosting provider and type of hosting you choose for your business. Public cloud is for large group of industries and to general public, private cloud for business that require data storage and complete control over it while hybrid cloud is for companies that store human resource data and crm data. Businesses should choose one that's really suitable for them which solves the security problem.
    1,145 pointsBadges:
    report
  • TheRealRaven
    I haven't been able to determine if cloud storage is any less secure than local storage.

    There's plenty of evidence that "local storage" is secured without much security expertise at all. Cloud storage can be secured by some dedicated expertise that is effectively charged with protecting an entire business model. If breaches happen at some threshold level of frequency, the business model will collapse.

    Also, in general, breaches have been mostly done through attacks that succeed for "local storage". It seems that it's not so much that "cloud" is inherently less secure; it's more that some general practices need to be followed (or imposed by contract agreement) to ensure better handling than was evident in many breaches. (I suspect that some of those practices have been implemented by cloud vendors. They potentially can't afford significant repeats.)

    Some useful background can be found in Data Breaches in the Cloud: Who's Responsible? Also, see Google Drive, Dropbox, Box and iCloud reach the Top 5 Cloud Storage Security Breaches List for more.

    In many ways, if cloud security can't be imposed or compelled on a vendor, then maybe it's worth re-evaluating "local storage". Vetting cloud security takes basically the same general steps. If it can't be done for one, there's a reasonable chance it isn't completely done for the other.
    36,880 pointsBadges:
    report
  • ToddN2000
    I agree with Raven on the issue that more local data breaches occur than those in the cloud. It may be that companies are keeping their critical data local, This mean hackers will target local data storage more often than cloud data.
    136,240 pointsBadges:
    report
  • ToddN2000
    I think is comes down to the cost to offer a competitive product. They have to cut corners some where and I feel it's in security.
    136,240 pointsBadges:
    report
  • KelvinS
    The benefits of the public cloud contain lower cost and better elasticity. But hosting in a private cloud well addresses your organization’s security concerns.
    225 pointsBadges:
    report
  • JustinWilson07
    A cloud works on three models if you know what I meant to say. The company should make sure that they are doing their job in avoiding security leaks but it is also up to us to stop this by utilizing strong passwords and authentication enabled tools.
    2,465 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.

Following

Share this item with your network: