Tips for Security in The Cloud
The expansion of cloud computing is unstoppable, and its growth within enterprise software is manifest destiny. Of course, when dealing with cloud storage there are always questions about security. After a recent Unisys survey revealed that more than half of its enterprise participants considered security and privacy their biggest concern with the cloud, eWeek did a little investigation and outlined six tips for security. Details are below, but the main points are to ask questions and don’t assume your storage provider is giving you all the pertinent details, and to be completely familiar—back-of-your-hand familiar—with your company’s security requirements.
- Learn as much as possible about a potential provider’s data management. Whether it’s where data is physically stored or what hiring practices led to the staff responsible for securing your data, make a point to know about it.
- Make sure your provider can show you documentation of encryption used to secure and segregate data between multiple customers.
- Should law enforcement perform an audit, be sure your provider can construct an accurate audit trail. Be particularly wary of providers who can’t give you precise geo-location and compartmentalization of sensitive data.
- Another key to smooth audits: know your company’s compliance requirements inside and out so that these become prerequisites when soliciting a provider. This knowledge could eliminate legal hassles down the road.
- If a provider doesn’t have a trustworthy software security assurance program, find one that does. This means security and privacy will be certain in terms of application development in the cloud.
- Lastly, consider Murphy’s Law. Ask prospective providers how they are prepared to handle a security breach, from damage control to correction.
[Photo courtesy of itgct.]