Tuesday, March 21, 2017

Security in the Cloud. Are we ready to move?

During recent years, we have witnessed the explosion of the Cloud Computing era where many companies are moving their data to datacenters around the world. The reason is mainly because organizations are benefitting from economies of scale, no capital expenditure and the quick availability of computing resources and massive access to storage that fit their requirements perfectly. Moreover, the concept of computing resource flexibility have enabled them to tune their requirements as and when they need.

However, we must be very careful and think well before moving data to datacenters; as this new concept means that we no longer have direct control on our data. This also means that data is actually being held and processed because it is happening dynamically on different systems that could be at any location in the world. Nevertheless, we must ensure that the confidentiality, integrity and availability if our data are still preserved. A cyber-attack in a cloud environment offers cyber-criminals access to vast amount of information such as personal customer information, financial data, intellectual property, business strategy, credit card details that can be used for criminal purposes.

Traditional on-premise infrastructure enabled us to have our own defence-in-depth mechanisms such as firewalls, Intrusion Prevention Systems , Intrusion Detection Systems, Data Loss Prevention Systems, DMZ etc, whereby we had full control on the data at rest and in motion. Now, with the location of our data to the Cloud, there are several important privacy, security and compliance questions that need to be answered prior to the move.


Post a Comment