Saturday, 29 June 2013

Some important points of Topic 2 in group discussion held on 29/06/2013

Topic 2: Is data secure in the cloud?
Cloud storage is a model of networked enterprise storage in which data is stored not only on the user's computer but also in virtualized pools of storage, generally hosted by third parties.
To assess the security of the cloud, consider the following points:
1. The cloud provider's policies, processes and procedures for maintaining controls.
2. Disaster recovery and business continuity processes.
3. If the cloud provider goes bankrupt, can the enterprise's data be sold to a creditor or at auction as one of the provider's assets?
4. How is my data safeguarded? Are the encryption policies and the username-password schemes for authorization and authentication tested and verified? Does the data remain in usable form during transport?

The major points that affect the security of data in the cloud are:
1. IAM: Cloud computing turns us all into remote workers, which makes identity and access management (IAM) one of the key challenges after a cloud computing move. It is important to have robust life-cycle management regarding users and user access so that user accounts, credentials and access rights are always relevant and up to date, including disabling an account when an employee leaves. 
2. SSO: This enables users to securely access data or systems across autonomous security domains. Consider introducing single sign-on (SSO) for enterprise applications and leveraging this architecture to simplify cloud provider implementations. A move to the cloud will appear far more seamless to your users if they are already used to SSO, and it’ll make managing trust across different types of cloud services less onerous. 
3. Bandwidth: The increased Internet usage that cloud computing brings also increases the risk of network congestion and bottlenecks. Web-based applications are extremely latency-sensitive, and many barely function if the network is too busy. Downtime or slow processing frustrates employees and can lead to breaches in policy. Slow file or data transfers, for example, can lead workers to use alternative methods that may be far less secure and break security policy rules.
4. Firewalls: Connections between the internal network and the cloud should certainly be encrypted; sending any sensitive or mission-critical data back and forth in the clear over the Internet is like offering attackers an invitation to steal the data. As a network engineer, ensure network devices can handle the processor-intensive, public-key encryption algorithms involved in SSL-encrypted communications.  
5. Audit: Another important task after a cloud computing implementation will be to conduct an audit of all security policies to ensure they remain relevant. Also review, update and test disaster recovery and business continuity plans and procedures. Processes, and more importantly, people’s roles, will have changed now that cloud computing infrastructure is a part of day-to-day systems management.  
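
The life-cycle check described under point 1 (IAM) can be run as a periodic reconciliation between the HR roster and the cloud provider's account list. The sketch below is an added example, not part of the original discussion notes; the roster, role entitlements, account export and the 90-day credential age limit are all constructed assumptions.

```python
from datetime import date

MAX_CREDENTIAL_AGE_DAYS = 90  # assumed policy value, not from the post

# Constructed sample data: HR roster, role entitlements, cloud account export.
HR_ROSTER = {
    "alice": {"status": "active", "role": "engineer"},
    "bob": {"status": "left", "role": "engineer"},
    "carol": {"status": "active", "role": "finance"},
    "erin": {"status": "left", "role": "finance"},
}
ROLE_RIGHTS = {
    "engineer": {"storage:read", "storage:write"},
    "finance": {"billing:read"},
}
CLOUD_ACCOUNTS = [
    {"user": "alice", "enabled": True, "rights": {"storage:read", "storage:write"}, "rotated": date(2013, 6, 1)},
    {"user": "bob", "enabled": True, "rights": {"storage:read"}, "rotated": date(2013, 5, 1)},
    {"user": "carol", "enabled": True, "rights": {"billing:read", "storage:write"}, "rotated": date(2012, 11, 1)},
    {"user": "dave", "enabled": True, "rights": {"storage:read"}, "rotated": date(2013, 6, 1)},
    {"user": "erin", "enabled": False, "rights": set(), "rotated": date(2013, 1, 1)},
]

def review_accounts(accounts, roster, role_rights, today):
    """Return (user, action) findings for accounts that are no longer relevant."""
    findings = []
    for acct in accounts:
        if not acct["enabled"]:
            continue  # already disabled, nothing to do
        user = acct["user"]
        person = roster.get(user)
        if person is None:
            findings.append((user, "disable: no HR record"))
            continue
        if person["status"] != "active":
            findings.append((user, "disable: employee has left"))
            continue
        # Access rights beyond what the person's current role allows.
        excess = acct["rights"] - role_rights.get(person["role"], set())
        if excess:
            findings.append((user, "revoke: " + ", ".join(sorted(excess))))
        age = (today - acct["rotated"]).days
        if age > MAX_CREDENTIAL_AGE_DAYS:
            findings.append((user, f"rotate credential: {age} days old"))
    return findings

if __name__ == "__main__":
    for user, action in review_accounts(CLOUD_ACCOUNTS, HR_ROSTER, ROLE_RIGHTS, date(2013, 6, 29)):
        print(f"{user}: {action}")
```
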
