On cloud security requirements, customers must assume responsibility

On cloud security requirements, customers must assume responsibility

On cloud security requirements, customers must assume responsibility

Date: Jul 21, 2014

While the recent attacks against cloud computing services providers Code Spaces and One More Cloud prove the importance of cloud multifactor authentication, they also underscore an even larger takeaway: Organizations must understand and take responsibility for their own cloud security requirements.

According to Jay Heiser, research vice president with Stamford, Connecticut-based IT research firm Gartner Inc., enterprises that aren't intimately familiar with cloud security best practices may not realize when a cloud provider isn't acting in their best interest.

"What's happened is small service providers have done a bad job of protecting their customers' data," Heiser said. "I'm not aware of any weakness in [the providers'] technology or levels of service. It was the implementation."

In this interview, conducted at the 2014 Gartner Security & Risk Management Summit, Heiser discusses the specific mistakes cloud providers make, in particular poor stewardship of privileged access, that often result in successful attacks.

Heiser also explains that as a result of incidents such as these, enterprises are going to learn to better recognize where a cloud provider's security responsibilities end and theirs begin. However, that evolution will take time, he added, because cloud computing governance is poor in many organizations and that enables business units to engage in the use of cloud computing without proper security training or oversight.

More on Public Cloud Computing Security

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: