Security considerations critical in the cloud

By on

IT departments are increasingly realising the benefits of cloud security, but businesses must ask themselves a few questions before handing over control to a third-party.

That was the message from analysts at a conference, “Gaining business and technical advantages from cloud, SaaS and hybrid security services,” held Thursday in New York, and sponsored by consultancy IDC.

Cloud security is sometimes being driven – along with the cost saving benefits it provides – by what analysts referred to as “appliance fatigue,” or the frustration of having to manage numerous on-premise security products.

But while some smaller organisations might ultimately replace all in-house solutions with cloud security services, the majority – especially larger organisations – see the technology as a complement to their existing solutions, analysts said.  

Before turning to the cloud, though, corporate decision-makers must consider a number of factors, including what cost savings, scalability, reliability and functionality the third party will provide, said Brian Burke, program director of security products at IDC.

When evaluating moving to the cloud, security professionals should consider the cost of maintaining their current investments, potential changes to compliance regulations in the future, and whether the cost of a potential breach justifies the investment, analysts said.

Performance is one of the most important considerations for cloud security, and organisations must ensure that the vendor with which they contract has adequate internal protections to minimise latency and avoid disruptions in services. Burke warned that if latency is introduced, help desk calls could rise dramatically.

To combat this possibility, the cloud vendor should provide a service-level agreement to ensure reliability, analysts said.

In terms of functionality, businesses must realise that in today's environment, web and email threats are not mutually exclusive, so look for a cloud vendor which has expertise in both, Burke recommended. When looking to secure a virtualised environment in the cloud, choose a solution that provides a single console to manage all devices.

And, one of the key risk mitigation defenses is a multitenant architecture [different services with a shared code-base that appear different to end-users], though it requires high-speed routing, switching and load balancing, added Chris Christiansen, vice president of security products and services at IDC.

See original article on scmagazineus.com

Copyright © SC Magazine, US edition
Tags:
cloud computing security virtualisation

Most Read Articles

Devastating flaw puts almost every wi-fi network at risk

Devastating flaw puts almost every wi-fi network at risk
NBN Co works to recover cost of network damage

NBN Co works to recover cost of network damage
Wi-fi flaw confuses Aussie internet users

Wi-fi flaw confuses Aussie internet users
Vocus to sell Aussie data centres, NZ business

Vocus to sell Aussie data centres, NZ business
You must be a registered member of iTnews to post a comment.
| Register

Whitepapers from our sponsors

The 5G Business Potential – Industry digitalisation and the untapped opportunities for operators
The 5G Business Potential – Industry digitalisation and the untapped opportunities for operators
Solving IT complexity
Solving IT complexity
Optimising Enterprise Data Centres for the Cloud
Optimising Enterprise Data Centres for the Cloud
Growing companies have a growing interest in technology
Growing companies have a growing interest in technology
RSA NetWitness® Endpoint. Respond 3X Faster to Threats
RSA NetWitness® Endpoint. Respond 3X Faster to Threats

Events

Log In

Username:
Password:
|  Forgot your password?