Simply Security - News, Views, and Opinions from Trend Micro

Posted on October 9th, 2012 in Cloud Computing, Privacy by Simply Security | 1 Comment | Tags: cloud computing, Privacy

User demands will eventually mean better cloud security, one professional said.

Security questions have followed cloud service providers at every turn in recent years, presenting a significant threat to adoption rates in some cases. Everyone, from IT executives to common consumers, has been wondering whether they can trust the cloud is. But according to TechTarget, they may have to be more vocal with their demands if they hope to inspire progress.

Cloud Security Alliance Jim Reavis has been a primary advocate for this approach, according to TechTarget, recently suggesting that he believes the issue of security in this kind of environment will only truly be solved when noise starts being made by companies that they want to see better security across the board.

"Ask more detailed questions about the policies and practices; let's think virtually, and how to create those IT systems and data centers that are virtual," Reavis said during a recent keynote speech at the SecTor conference. "Let's demand transparency from our governments, our providers and our own organizations."

Reavis said that there has to be a mindset that security will be there no matter what, otherwise the cloud will not be safe. To truly fix the issues, organizations need to come together and combine their power to create a change. Reavis believes that organizations and industry groups can coalesce to insist that security issues be solved to make for a safer all around environment for business in the cloud.

One thing companies must do, according to Reavis, is get their own houses in order by making sure they have a good governance and implementation plan for the cloud that emphasizes data protection from the get-go. Looking at compliance issues, risk management and what kind of business goals the company has in mind for security and other aspects of the cloud should be done well before deployment.

Reason for the security demands 
Why are Reavis and others so adamant about security in the cloud? A recent report by the National Cyber Security Alliance and McAfee may have the answer to that, as this report said 26 percent of Americans have been told their personal information, password or credit card info where exposed by a data breach. With the cloud having more of an impact on where and how things are stored, it's important to make sure areas that are housing critical data are under lock and key.

Separate findings from this survey are telling as well:

- 90 percent of Americans believe that safe internet is crucial to economic security
- 65 percent have never installed any security software themselves
- 49 percent have used their mobile device across multiple websites but 58 percent have no backed up their data

Looking at issues like this, it becomes apparent that cloud security needs to become more of a factor.

Ensuring safe cloud migrations 
Intel had been trying to implement a cloud computing solution, according to InformationWeek guest columnist Ajay Chandramouly, a security professional with the company. His team conceded that a 100 percent secure cloud infrastructure may be impossible, but he said they wanted to make sure they were as well-prepared as possible to take care of security breaches in the cloud by making sure data was anonymous via encryption. This would make the data worthless to anyone trying to break into a cloud to steal the information, so even if something does go wrong, the information they stole would be of no use to the thief.

"It can ease the way for a simpler demilitarized zone and security provisioning and enabling more secure cloud computing," Chandramouly wrote on the website about this cloud security technique. "It can also help alleviate some of the potential legal problems encountered by U.S. companies that store data associated with customers living in the EU."

Cloud Security News from SimplySecurity.com by Trend Micro.