Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

A clearer view of cloud computing security now that the haze is gone

Scott Cain, chief architect, Customer Innovation and Portfolio, BT Global Services | July 25, 2012
The cloud is here to stay because most organizations are looking to the cloud for "extension" -- the capability to take their business in new directions faster, rather than simply as a method of cost management. And now that the hype haze has disappeared, we have a much clearer picture of how to get the best from the cloud.

3. Outsource responsibility responsibly. Use the tools that are there to protect your organization against risks -- contracts, governance frameworks, due diligence procedures, and insurance policies.

4. Put your prospective supplier under the microscope. Find out who within the supplier organization will have access to your data; ask for audit logs, details of compliance certification, or info about a recent audit that they can share.

5. Prepare for cloud culture. The automated interface of many cloud services can feel alien to IT departments used to dealing with people within supplier organizations. Procurement, legal or commercial teams can also find the pay-as-you-go contracting model of cloud services demanding. Work to help these teams understand the value of the cloud, or they may become strategic barriers.

6. Protect your data. Use strong authentication. Encrypt your data when stored and transmitted and keep access to your encryption keys within your organization. Make sure data no longer needed is permanently erased from computer memory and storage.

7. Prepare to prevent DDoS attacks. Attack via denial of access to legitimate users is relatively common. However, with the right planning, cloud systems are highly resilient against simple flood attacks and excel at ramping up more bandwidth and resources in the face of gigabytes of malicious traffic.

8. Review regularly. Seek independent audits of suppliers' offerings to ensure they are still the best-in-class and best fit for your needs. Test your systems and procedures, and remember to review the human elements, too.

Ultimately, the benefits of moving to cloud architecture are widely accepted and potentially huge: increased agility due to rapid provisioning and de-provisioning of resources, significantly reduced capital expenditure and fixed costs, easy availability of services to a mobile workforce, less time spent managing technology and software and more time spent managing information and data to drive business innovations. But the key, of course, is to strategically and effectively manage the inherent security challenges.

BT is one of the world's leading providers of communications services and solutions, serving customers in more than 170 countries. Its principal activities include the provision of networked IT services globally; local, national and international telecommunications services to its customers for use at home, at work and on the move; broadband and Internet products and services and converged fixed/mobile products and services.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.