Evaluating cloud providers: Avoid security issues with cloud computingDate: Nov 20, 2012
When companies discuss moving to the cloud, the conversation often revolves around potential pitfalls. Areas of concern usually include a lack of visibility into virtual infrastructure, unclear or competing standards and unknown complexity, to name a few. The security of corporate data is a foremost concern, with data confidentiality being an elephant in the room for many organizations. According to a study by IDG, 88% of enterprises would use the cloud more if security matched or exceeded that of internal data centers.
With organizations constantly trying to sidestep security issues with cloud computing, they often fail to discuss opportunities available in the cloud, including cloud authentication, authorization and accounting. Leveraging the abilities of the cloud can translate into a competitive advantage for businesses, but how can they minimize the risk involved in moving operations to the cloud? Evaluating the security of cloud providers is the best place to start.
In this SearchSecurity.com special video presentation, Davi Ottenheimer, president of security consultancy flyingpenguin, offers tips on evaluating cloud providers for security. Ottenheimer tackles the big issues of availability and confidentiality. He discusses the lack of data security being provided by some of the biggest players on the Web, including Gmail and LinkedIn. He also provides the five security requirements that should be included in cloud SLAs. Finally, Ottenheimer addresses the issue of compliance in the cloud and suggests three best practices for meeting regulatory requirements. With this primer on evaluating cloud provider security, any organization can take advantage of the great opportunities offered in the cloud whilst minimizing the potential risks.