Providing Insight Into the Cloud Computing Security, Privacy and Related Threats

Cloud Security Journal

Subscribe to Cloud Security Journal : eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Cloud Security Journal : homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Cloud Security Authors: Elizabeth White, John Katrick, Mamoon Yunus, Ravi Rajamiyer, Liz McMillan

Related Topics: Cloud Computing, Cloud Security Journal , Secure Cloud Computing

Blog Post

Mitigating Security Risks in the Cloud | @CloudExpo [#Cloud]

Cloud-based services are extending a global reach to businesses through faster speeds, better features and available access

Many businesses are realizing the advantages of moving essential business services to cloud-based models, including communications, voice, and CRM. The associated advantages of the cloud have allowed businesses to be more flexible, scalable and enjoy higher cost savings. However, these businesses must bear in mind that there are several security considerations associated with shifting essential systems to the cloud.

Especially with data breaches becoming increasingly prevalent across organizations, the security of cloud service providers needs to be of critical importance. Here are several best practices to keep in mind about cloud risk concerns, and tips to ensure a secure and protected business when thinking about moving to the cloud:

Ask the Right Security Questions
It's important to ask the right security questions and ensure that the cloud provider's techniques and best practices are in line with your own. Basic questions to ask and seek satisfying answers to include:

  • What kind of security practices does your organization have in place for protection?
  • Have you ever had a breach? If so, what was the security protocol and end result?
  • What are you actively doing to protect my customer data from being breached?
  • In case of security issues, what is your customer service support like? Is someone available 24/7 in the case of a breach?

Make a Security Checklist
Partnering with a cloud service provides added benefits, which generally include more resources to implement security, monitor services around the clock, and incorporate back up measures.

When choosing a cloud provider, make sure to hold them to their highest ability to provide the best security. Hindsight is 50/50, so having the proper security features set prior to an engagement is much better than playing damage control after a breach. Below are five key security features to consider when evaluating a cloud service provider:

  1. A Secure Storing Facility. When thinking of security, most think of the digital form. While digital security is important, most forget that the security of the physical buildings and personnel who work there are equally critical. These personnel have access to the facility, hardware and data that is being stored or processed. It's imperative to know who has access to your data, how they can view it and what their access privileges can do with it.
  2. Preventative Measures. Providers need sufficient preventions in place to catch a security risk before it happens, not just after an incident occurs. Common preventative measures include encrypting data inside the cloud, monitoring for risks of breach around the clock, and alerting owners when there is a concern.
  3. Defense Against Distributed Denial-of-Service (DDoS). In the event of a DDoS attack, where hackers attack multiple systems, it can bring down the entire system and every customer that is connected to it. Cloud providers need layered redundancy, which when properly implemented makes system-wide failures virtually impossible.
  4. Privacy Features and Confidential Credentials. Cloud-based services continue to offer faster service and advanced features. In cloud communications, for example, digital white boards, video conferencing and call recording / storage are all benefit-adding features. While these features add value, they also source additional client information and place it at risk. Data such as user credentials and recorded conversations need to be encrypted in the cloud in order to maintain its security.
  5. Protection from Data Loss. In case data is destroyed or removed, the provider should have back-up recovery systems to retrieve the data. Regular back-ups can help ensure that your business gets up and running in the shortest amount of time possible after a breach.

Consult Experts for Recommendations
Choosing the right cloud service provider can be daunting, especially when there are endless providers all claiming to have the best security features. What constitutes reliability and security? Consulting experts can help make recommendations, assess potential vendors, and evaluate the security features that the provider has implemented.

In addition, these experts can also share what type of encryption and security measures need to be implemented internally in order to use certain cloud services. For example, with remote working employees, most companies will utilize cloud communications services to share data. Even though the data is stored in the cloud, there are still certain best practices that companies can implement within the organization to ensure the cloud is utilized properly.

Already we are seeing that cloud-based services are extending a global reach to businesses through faster speeds, better features and available access around the globe. By keeping in mind the best practices listed above, companies can comfortably migrate to the cloud, reduce risks and know their data is secure and protected.

More Stories By Adam Simpson

Adam Simpson is the CEO and co-founder of Easy Office Phone where he oversees the creation of new sales channels including a North American Dealer Program, plays a leading role in software development, manages the company’s network infrastructure, and builds dedicated teams of sales, support and engineering staff. Under Simpson’s leadership, Easy Office Phone has grown rapidly and steadily into a highly respected provider of Hosted PBX service to clients throughout Canada and North America since its launch in 2005.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.