“The rise of the Cloud is more than just another platform shift that is getting geeks excited. It will undoubtedly transform the IT industry, but it will also profoundly change the way people work, and companies operate.” The Economist, “Let it Rise”, October 23, 2008
As many people predicted, cloud computing is now a massive solution that helps companies create better strategies for developing. Its potential has been noted since day one. Significant Improvements have been made on how cloud functions, new tools, and benefits, but despite this, people are still worried about cloud security, they still do not believe it is safe. People often reach out to me to discuss cloud safety and I response is the same as I wrote in my first article on cloud security 5 years ago, the cloud is able to be as safe as on-premise.
The cloud environment offers the same security options as on-premise systems. These are the types of security management practices that cloud providers can do to ensure security in the cloud.
Intrusion detection (ID) – is one of the types of security management systems for the cloud. It gathers information from various areas within the cloud and analyzes to identify possible security breaches and patterns, which could include both intrusions (attacks from outside the company) and misuses (attacks from inside the organization). The system scans for vulnerabilities and reports them to the administrative team.
Unified threat detection (UMT) – this approach of the security management allows the administrator to manage and monitor a wide variety of security-related apps and infrastructure components through a single management console. The UMT typically provides firewalls, anti-malware, spam, content filtering, and VPN capabilities, and also could include more advanced features like identity-based access control, quality of service, load balancing, SSL and SSH inspection.
Cloud encryption – is another solution offered by cloud providers to ensure data security. It is the transformation of data into ciphertext. Cloud-encryption is almost similar to in-house encryption procedures with one difference – the customer must invest time in understanding the provider’s policies for encryption and key management. Also, the capabilities ensured by the encryption procedures need to match the level of sensitivity of the data hosted by the cloud.
Companies that are planning to move to the cloud also have to consider the security controls offered by the provider, created for different levels of compromises. The combination of various components included in the security management types could build preventive security strategies, detective security strategies and corrective security strategies.
- Preventive controls – are designed to stop an attack from happening by making it harder to crack into the system. These measures will always reduce vulnerabilities and could convince the attacker that the effort is not worth time.
- Detective controls – are created to announce an incident and react to it immediately and reduce any negative impact. These commands work as a back-up for the preventive controls.
- Corrective controls – are created to limit the damage caused by a breach or other incidents. Backing up data at regular intervals allows the provider to restore all data in case of threats.
Cloud security is no longer the top concern for companies. The improvements made in the past few years transformed cloud security making the decision to move to the cloud easier than ever before.