Topic 2:- Is data secure in Cloud?
Cloud storage is a model of networked enterprise storage
where data is stored not only in the user's computer, but in virtualized pools
of storage which are generally hosted by third parties, too.
To think about security of the cloud, you need to view few points below:-
1.Cloud provider's policies, processes, procedures to maintain controls.
2.Disaster recovery and business continuity processes.
3.If the Cloud provider goes bankrupt, Can the enterprise’s data be sold to a creditor
or at auction as a provider’s asset?
4.What is the way of safeguarding my data? Are the Encryption policies or Username-password schemes of authorization and authentication tested and verified? Does the data remain in useable form during transport?
The major points which hammer the security of the data in cloud are:-
1. IAM:
Cloud computing turns
us all into remote workers, which makes identity and access management (IAM)
one of the key challenges after a cloud computing move. It is important to have
robust life-cycle management regarding users and user access so that user
accounts, credentials and access rights are always relevant and up to date,
including disabling an account when an employee leaves.
2. SSO: This enables users to securely access data or systems
across autonomous security domains. Consider introducing
single sign-on (SSO) for enterprise applications and leveraging this
architecture to simplify cloud provider implementations. A move to the cloud
will appear far more seamless to your users if they are already used to SSO,
and it’ll make managing trust across different types of cloud services less
onerous.
3. Bandwidth: The increased
Internet usage that cloud computing brings also increases the increased risk of
network congestion bottlenecks. Web-based applications are extremely latency-sensitive,
many barely functioning if the network is too busy. Downtime or slow processing
frustrates employees and can lead to breaches in policy. Slow file or data
transfers, for example, can lead workers to use alternative methods that may be
far less secure and break security policy rules.
4. Firewalls: Connections between
the internal network and the cloud should certainly be encrypted; sending any sensitive
or mission-critical data back and forth in the clear over the Internet is like
offering attackers an invitation to steal the data. As a network engineer, ensure
network devices can handle the processor-intensive, public-key encryption algorithms
involved in SSL-encrypted communications.
5. Audit: Another important
task after a cloud computing implementation will be to conduct an audit of all security
policies to ensure they remain relevant. Also review, update and test disaster
recovery and business continuity plans and procedures. Processes, and more
importantly, people’s roles, will have changed now that cloud computing
infrastructure is a part of day-to-day systems management.
