5 Keys for Moving Enterprise Security to the Cloud
The worst economy in 70 years hasn't deflated the cloud: In 2009, cloud services were already a $16 billion market, says research firm IDC. By 2014, global cloud revenues will hit $55.5 billion, growing five times faster than other IT products.
It's not hard to see why enterprises large and small are flocking to the cloud. The cloud reduces IT capex and opex by shifting those costs to the enterprise's cloud provider. That's an obvious benefit even in flush times, but it's even more attractive when the recession has CIOs and IT managers looking to run as lean as possible.
Cloud computing also helps enterprises stay nimble -- by enabling them to take advantage of new technologies faster than if they had to buy and deploy the equipment themselves, for example. That flexibility can produce competitive advantages, including rolling out services quickly to respond to changing market conditions.
Another big draw is the ability to scale IT systems up and down to meet changing needs, such as peaks during the holiday shopping season. That lets enterprises be more responsive to a flood of new customers, but without purchasing IT infrastructure that would be underutilized between peak periods.
5 Tips for Fighting Breaches
As any CIO or IT manager is quick to add, the cloud's benefits can't come at the expense of security. Even minor breaches can have big implications, ranging from a PR nightmare and class action lawsuits when confidential customer information is compromised, to jail time if it turns out that lax security policies violated laws. Worst-case scenario: a breach so big that Congress enacts a law nicknamed after the company.
Some enterprises have an internal cloud, others work with a cloud provider and still others have a combination of the two. These tips apply to all three models:
1. Start clean.
Some enterprises require their cloud provider to put their data only on brand-new servers. They believe it's impossible to remove every trace of former tenants and that this electronic detritus creates back doors for hackers.
2. Secure access to the cloud.
Implement strong authentication mechanisms to secure every Web path that provides access to the cloud. Ditch simple, password-based logins in favor of multifactor authentication. In fact, some industries mandate this. One example is financial services, where since 2006 the FFIEC has required banks to use multifactor authentication to protect logins into their sites. Also, take a look outside your industry to see if there are any regulations and best practices that you could adopt or adapt to beef up cloud security.
3. Safeguard the data in the cloud.
This is another place where it's key to keep up with industry-specific laws and best practices, including ones that can be borrowed from other sectors. For example, the Payment Card Industry (PCI) standard specifies physical and logical controls for data both when it's at rest and in motion, while HIPAA provides similar requirements for medical data.
4. Verify and audit.
Third-party auditors can verify that your cloud or your cloud provider meet security and privacy laws, as well as any industry-specific best practices. Besides PCI and HIPAA, audits may look at compliance with SAS 70 which covers application security, physical security and security processes. Another is ISO 27002, which lists hundreds of options for security management.
5. End clean.
PCI is also an example of how some industries require that data be destroyed, including the hard drives. That includes when switching cloud providers: The contract should spell out exactly how data must be destroyed.
Need more tips? Check out: Cloud Computing: Benefits, Risks and Recommendations for Information Security, a European Network and Information Security Agency report that covers 35 common risks and strategies for mitigating them. These tips are applicable in every part of the world.
Tim Kridel has been covering all things tech and telecom since 1998 for a variety of publications and analyst firms. Based in Columbia, Mo., he still enjoys the childhood hobby that led to a career writing about technology: ham radio.
- 4 Apps to Manage Your Contacts
- Portable Tech Gadgets You Need This Summer
- Best Tablets for Your Business
- Security Tips for Your Smartphone or Tablet
- 5 New Cloud Tools You'll Love
- Can a Tablet Replace Your Laptop?
- Why Wireless Needs a Network of Networks
- 5 Steps to a Successful Enterprise Wireless Strategy
- 5 Keys for Moving Enterprise Security to the Cloud
- Tips for Building and Deploying Cloud-based Apps
- 5 Business Lessons You Can Learn From Mark Zuckerberg
- Russia: The No. 1 Base of Global Internet Attacks
- Researchers Say New Botnet TDL-4 Poses Big Threat
- The Internet Grows Up
- Ten Ways to Keep Your Online Information Secure
- How Facebook and Your Free Time Can Get You Fired
- The Only 10 Android Health Apps You Need
- Connected TV
- Near-Field Communication Technology the Next Big Thing
- The Future of 3-D Video
- Is Your Teen Sexting?
- Should You Ban Your Tweens From Facebook?
- Home Movies: Then and Now
- Is Social Media Malware Infecting Your Business?
- Is Your Tween (Illegally) on Facebook?
- Are Free Public Wi-Fi Networks Safe?
- Explosion of Creativity: Power of Online Communities
- The Future According to Google
- 5 Cheap Alternatives to Hiring a Personal Trainer
- When Your Dream Company is Hiring on Twitter
- Colleges Bring Campuses to Facebook
- Technology Powers Revolutions and Saves Lives
- Best Photo Apps
- Virtual World No Substitute for Real One
- Best Phone Apps for Busy Women
- How to Prevent Identity Theft
- How to Use Facebook So It Does not Use You
- Worst-case Computer Scenarios
- Google Chrome OS Notebook: A Security Game Changer?
- What Is Cloud Computing?
- How to Prevent Data Breaches
- Best Tips for Sharing Videos
- Do You Need an iPad for Your Small Business?
- The App Guide: 5 Must-have Shopping Apps
- Project Management Tips From the Pros
- Finding the Right Skill Set
- Who's Gawking at Your Photos?
- Dealing With Virtual Stalking
- CES 2011 Report - Consumer Electronics Show
- Time to Gear up for 3-D TV?
- How to Get the Best Service From IT Vendors
- Dating Apps: The Lowdown
- New Website Streamlines College-Aid Application
- Gift-card Resale Market Thrives Online
- Stop Cyberbullying Now!
- 5 Cloud Tools to Boost Your Productivity
- Mobile Pay Can Give You an Edge
- How to Find the Best Deals Online
- Should You 'Friend' Your Teens Online?
- Should You Really Post That Comment?
- 5 Smart Tactics for LinkedIn Self-Promotion
- How Repressive Regimes Use the Internet to Keep Power
- WikiLeaks: Diplomacy as Usual
- The Rising Threat of USB Drives
- Integrate Cloud Solutions With Caution
- Tech Solutions to Track Your Resolutions
- Crash Course in Computer Maintenance
- How to Pick the Right Cloud Provider
- Web Tools for Starting a Small Business
- 4 Life-changing Resolutions You Can Stick to
- Create Your Own Social Network
- What the Web Says About You
- FTC Chairman: 'Do Not Track' Rules Would Help Web Thrive
- 'Do Not Track' Rules Would Put a Stop to the Internet As We Know It
- Are Federal 'Do Not Track' Rules Needed?
- The Political Power of Social Media
- Top 3 Kid-safe Social Networks
- 5 Ways to Cultivate Your Kids' Online Reputation
- Preparing Our Children for Global Digital Citizenship Success
- The Great E-reader Roundup
- The NFL's Highest-scoring Apps
- New Gadgets Straight From the Big Screen
- A Game Plan for Protecting Stored Data
- The Drive for Real-time Collaboration
- Hang Onto People Who'll Help You Advance
- Leading New Developments in Visual Computing
- Meet Mr. Industrial: Justin Lassen's Music Machine
- Must-see TV on the Internet
- Share Safely on Social Networks
- 6 Essential Rules for Safe Online Shopping
- Five Steps to Kid-friendly Surfing
- High-tech Help for Weight Loss
- Create a Web Site or Blog for Your Family
- Video Eyewear for Sunglass Cinema
- Smart Phone Apps Help Stop Distracted Driving
- Online Computer Backup Services Remove Hassle
Copyright © 2011 Studio One Networks. All rights reserved.