If you are worried about the security of your data and applications stored in public cloud space then you can be assured. Data security on public cloud is stronger than some believe it to be. This has caused major concerns among cloud computing service providers and they are taking steps in improving the security features of their services to gain the trust of web application developers.
Cloud has allowed users to lower IT costs and improve efficiency but it’s the security concerns that are still holding many application developers at bay from adopting it. The results of TechTarget’s December 2012 IT Priorities Survey are largely skewed towards on-premise implementation of applications. Among the responding CIOs, about 60% voted in favor of on-premise software. The primary reason for holding out to cloud remained ‘data security’.
What causes the concern?
- CIOs are largely apprehensive about hosting applications on a shared-platform. Although they want to enjoy the cost advantages it offers, they are concerned about sharing a platform that is particularly prone to cyber attacks.
- Secondly, they think they will not be able to exercise enough control over their applications if hosted in public cloud. They are concerned about losing sight of their data and not being able to employ security policies to ensure its safety.
- Thirdly, the concern arises regarding compliance. CIOs worry that vendors’ SLAs will fall short of their internal as well as governmental security policies.
However, as the situation is changing fast, organizations will have to adopt cloud computing eventually. For that reason it is important to evaluate cloud security concerns or if they are really warranted.
Understand the difference
In order to evaluate cloud security threats one needs to understand the difference between on-premise and cloud security.
Corporate data centers are protected by firewalls. It is difficult to penetrate but once that part is achieved a hacker can do pretty much anything with your critical information. On the other hand, cloud security is provided on a multi-tenant environment; means that the provider is responsible for larger amount of data. Whatever security features are offered on the hosted set-up is available to all the tenants and so, you may get better access to augmented security tools.
In a nutshell cloud security in no more or less fallible than on-premise security tools and here is why:
- Cloud normally stores large volume of data and hence, offer better obscurity to your information
- The benefit of cloud is that it is constantly under watch by multiple people. As a result, error gets reported (and fixed) much faster on cloud
- Data is encrypted before being stored in the public hosted environment and the decryption keys are stored separately
- Users are still able to monitor data movement in a cloud space. One can ensure better cloud security by enhancing visibility of data
- Since the data is stored on a virtual space it is stored against an IP (though not fixed IP). So, even if the hacker succeeds in tracking the system address reinstalling data security will be as simple as changing the IP address of the data center.