A Checklist for Customer Cloud Security
In our Cloud security whitepaper on CloudU, we spent a bunch of time talking about why Cloud Computing is in fact potentially significantly more secure than traditional models of IT delivery while at the same time pointing out the fact that there’s still stuff that organizations need to think about when using Cloud.
At the same time however we were totally realistic about the fact
that there are still some things that end customers need to think about
in terms of security. Sometimes the most useful thing for folks making a
change is a simple checklist of things to think about and so, to that
end, here’s our picks of things to think about when moving your
organization to the Cloud;
- Firewalls – Customers still need to think about controlling the traffic in, and out, of their organization. Hardware and software firewalls ensure your traffic can bunch through, but the baddies are kept at bay
- Patches – You may be using lots of Cloud applications, but it’s still a safe bet that you have some desktop applications or, if not, at least some operating systems. These all need to have the latest versions of software running on them
- Backups – Unless everything you have is on the Cloud, you need to think about backing up your data, preferably off-site
- Controlling access to the Cloud – there’s no use being hyper secure if your employees leave mobile devices sitting around the place that people can access your sensitive data from. You need to think about policies and password protection for any device accessing your data
- Staff security – your biggest threat comes form within. Hire your staff well and make sure they don’t put you at risk, either maliciously or otherwise
- Passwords – the bane of our existence. Such an important area that we’ll come back to this one for more detail
Ensure these six points are dealt with, and you’re all set to enjoy a safe and rewarding Cloud experience.
(Note: Opinions expressed in this article and its replies are the opinions of their respective authors and not those of DZone, Inc.)