Cloud Zone
Cloud Zone is brought to you in partnership with:

Ben Kepes is an analyst, and entrepreneur, an commentator, and a business adviser. His interests include a diverse range of industries from manufacturing to property technology. As a commentator he has a broad presence both in the traditional media and as an extensive blogger. He sits on the boards of a number of organizations, both commercial and not-for-profit. Ben is a DZone MVB and is not an employee of DZone and has posted 197 posts at DZone. You can read more from them at their website. View Full User Profile

A Checklist for Customer Cloud Security

11.14.2011
| 1413 views |
  • submit to reddit

We Recommend These Resources

NOSQL for the Enterprise

I often hear how Cloud is insecure from people who claim that unauthorized access is a real and significant risk for users of Cloud Computing. It always kind of frustrates me as, in my (admittedly somewhat biased) view, Cloud is as secure, if not more so, than traditional IT.

In our Cloud security whitepaper on CloudU, we spent a bunch of time talking about why Cloud Computing is in fact potentially significantly more secure than traditional models of IT delivery while at the same time pointing out the fact that there’s still stuff that organizations need to think about when using Cloud.

At the same time however we were totally realistic about the fact that there are still some things that end customers need to think about in terms of security. Sometimes the most useful thing for folks making a change is a simple checklist of things to think about and so, to that end, here’s our picks of things to think about when moving your organization to the Cloud;

  • Firewalls – Customers still need to think about controlling the traffic in, and out, of their organization. Hardware and software firewalls ensure your traffic can bunch through, but the baddies are kept at bay
  • Patches – You may be using lots of Cloud applications, but it’s still a safe bet that you have some desktop applications or, if not, at least some operating systems. These all need to have the latest versions of software running on them
  • Backups – Unless everything you have is on the Cloud, you need to think about backing up your data, preferably off-site
  • Controlling access to the Cloud – there’s no use being hyper secure if your employees leave mobile devices sitting around the place that people can access your sensitive data from. You need to think about policies and password protection for any device accessing your data
  • Staff security – your biggest threat comes form within. Hire your staff well and make sure they don’t put you at risk, either maliciously or otherwise
  • Passwords – the bane of our existence. Such an important area that we’ll come back to this one for more detail

Ensure these six points are dealt with, and you’re all set to enjoy a safe and rewarding Cloud experience.

We’re covering all things Cloud at CloudU, our Cloud Computing educational series. We’d love you to sign up to receive whitepapers and webinar invitations.



Source:
Published at DZone with permission of Ben Kepes, author and DZone MVB.

(Note: Opinions expressed in this article and its replies are the opinions of their respective authors and not those of DZone, Inc.)

"Starting from scratch" is seductive but disease ridden
-Pithy Advice for Programmers