How to Improve Cloud Security in Your Enterprise
In this article, I will discuss six ways enterprises can improve cloud
security. Yes, you read that correctly. Enterprises—cloud
consumers—must work to improve cloud security. Most of the discussion
around security of the cloud has focused on what the cloud providers
should do. The data and application services are on their premises. But
enterprises need to remember that they bear a large—and in some
situations, the largest—part of cloud security responsibility.
Enterprises must never forget that they will face the majority of the
blame if security breaches occur. They are, after all, the entities
that have collected the data.
Cloud security is best thought of
as a joint responsibility between cloud providers and enterprises, and
the dividing line between the two currently is a bit…cloudy. The
dividing line depends directly on the type of cloud model that is in
play, ranging from software as a service (SAAS) to platform as a
service (PAAS) to infrastructure as a service (IAAS).
On one end of the spectrum, SAAS
approaches what could be considered a security black box, where
application security activities are largely not visible to the
enterprise. On the other end of the spectrum is IAAS, where an
enterprise is principally responsible for the security of the
application, data and possibly other levels of the infrastructure stack.
What should enterprises do to
improve security in a cloud computing model and prepare to reap the
most benefit from the cloud? The following are six steps to take:
Step No. 1: Learn from your existing, internal private clouds and the security systems and processes you built around them
Yes, you have internal clouds
already. Over the last 10 years, medium to large enterprises have been
setting up internal clouds, although they didn't refer to them as
clouds. They were often referred to as shared services, such as
authentication services, provisioning services, database services or
enterprise data centers (which were hosted on relatively standardized
hardware and operating system builds).
Step No. 2: Assess the risk and importance of your many IT-enabled business processes
While the potential reward of cost
savings realized by moving to the cloud might be relatively easy to
calculate, one cannot do a "risk versus reward" calculation without
first understanding the risk side of the equation. Cloud providers
can't do this analysis for enterprises, because it depends entirely on the
business context of each business process. Applications with low service-level
agreement (SLA) requirements and relatively high cost are obvious first
candidates for the cloud. As part of this risk-weighing effort, the
potential regulatory impacts also need to be considered, as some data
and services are simply not allowed by regulators to move off-site, out
of state or out of country.