How can one keep data secure with cloud computing

2355 pts.
Cloud Computing
Cloud Security
Knowledge Point Challenge
A large company is working on a new project that requires cloud computing.  If they utilize their private network they can reasonably assume their data to be secure, given that all protocols with remote access are followed or the private network does not allow remote access.


Answer Wiki

Thanks. We'll let you know when a new response is added.

When you store data in a 3rd parties cloud you have to assume that the Cloud provider (Microsoft, Amazon, RackSpace, etc) will keep your data secure. If you need to be sure that your data is secure, then a Cloud platform may not be the correct choice.
It really depends on the application. I was at a cloud computing user group meeting recently and asked around about this same question.

For some uses, attendees suggested, you can just encrypt everything, and use it as a storage-as-a-service. In other cases, more and more vendors are letting customers deep dive into facilities and to see exactly how the data is being secured. It’s never absolute, but then again, security never is. Just have to determine the acceptable risk and work from there. The Microsoft, Amazon, RackSpace’s of the world likely won’t give you this “inner” peak, but often smaller vendors will.

Federated Identity Management, Proper Encryption techniques with Key Management for Data, Network Security measures, Virtualization Security and Physical Security are main areas while considering Cloud Computing.


Discuss This Question: 3  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
    Thank you both for answering. Please do not mind if I play devil's advocate. If a company was to encrypt everything, would not the computers performing the cloud computations need to have the encryption key to work with the data? If that was the case then the red data (unencrypted) would be available again with the usage of black data (encrypted) only present in transmission. On that same note, do either of you (or anyone else for that matter) know if when creating a cloud computing agreement (I am not sure what else to call it) a company can hold the provider accountable for security breaches? I can imagine a situation where when a company seeks a cloud provider, a hardware encryption method is introduced between sites and the cloud provider only works with the information in a filtered facility. You are correct to say security is not absolute. I can only hope that encryption methods supersede that of people who will eventually have THz processors.
    2,355 pointsBadges:
  • carlosdl
    Security involves confidentiality, integrity and availability. This last principle could be improved with a cloud service, because most providers will have your data available in more than one physical place in case of any incident with one of them. Also, I would assume most providers will have a dedicated team of security experts, which could not be the case in all companies, but you would have to trust them, and that is not always easy (and recommendable). On the other hand, the provider could want to charge you for additional security services, which are probably not included by default. In the storage-as-a-service mentioned by Michael, I think the encription keys don't have to be shared with the provider, because they are not processing the data, just storing it. Also, cloud providers will be an attractive target for hackers for sure. So, I agree with MrDenny. If you want to be sure that your data is secure (and you have the necessary resources and budget to do it by your own), then a cloude service may not be the best choice.
    84,975 pointsBadges:
  • Former SalesForce CEO: The Cloud is Coming - Enterprise IT Watch Blog
    [...] course, with cloud computing, one chief concern (just read the ITKE forums) is security. Denny Cherry captured a prevalent feeling when he wrote that, ” If you need to [...]
    0 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: