Cloud computing is a notion that is having its day, for good reason; technology is ripe, the economics are compelling, and there is tremendous legitimate need. So, what's the problem? Using the cloud metaphor, data has to get from its owner/originator to the cloud where it is processed and back to the owner, hopefully without compromise or damage. Going back to the basics for a moment, data exists in three states, processing, storage, and transmission. It is vulnerable to a number of threats in each state.
Various measures are applied to deter the threats or isolate the data from the threat, basic risk management, if the measures are not applied continuously, the threat remains. Protecting data against damage during transmission is based on encryption for confidentiality and various measures for integrity. Getting the data from the owner to the cloud and back is, therefore, a straightforward problem solved by encryption, the question arises when the data is in the cloud. Storing encrypted data is not a problem. Assuming the data is stored encrypted. It is when the data is decrypted for processing that issues may arise.
What happens to the data during processing is often dictated by the application manipulating the data, intermediate storage is not unusual and a variety of approaches to segmented and distributed processing exist. Prudent questions should be asked regarding what happens to the data whenever it is not protected by encryption. The more sensitive and valuable the data is, the sharper the questions should be. A risk assessment should address all the availability and integrity issues. Redundant communications and processing are standard approaches to many of the issues, although simple cut cable outages due to human error occur often enough to give pause.
So far, the potential damage that a trusted cloud insider could inflict has not been addressed, there is often an assumption that cloud vendor security is bulletproof, which may be naive. Customers should not assume vendors have robust and durable security throughout their computing architecture. asking questions is never inappropriate. Becoming familiar and comfortable with the vendor's protection is just good sense.
Article Source: http://EzineArticles.com/?expert=Chris_A_Inskeep
Various measures are applied to deter the threats or isolate the data from the threat, basic risk management, if the measures are not applied continuously, the threat remains. Protecting data against damage during transmission is based on encryption for confidentiality and various measures for integrity. Getting the data from the owner to the cloud and back is, therefore, a straightforward problem solved by encryption, the question arises when the data is in the cloud. Storing encrypted data is not a problem. Assuming the data is stored encrypted. It is when the data is decrypted for processing that issues may arise.
What happens to the data during processing is often dictated by the application manipulating the data, intermediate storage is not unusual and a variety of approaches to segmented and distributed processing exist. Prudent questions should be asked regarding what happens to the data whenever it is not protected by encryption. The more sensitive and valuable the data is, the sharper the questions should be. A risk assessment should address all the availability and integrity issues. Redundant communications and processing are standard approaches to many of the issues, although simple cut cable outages due to human error occur often enough to give pause.
So far, the potential damage that a trusted cloud insider could inflict has not been addressed, there is often an assumption that cloud vendor security is bulletproof, which may be naive. Customers should not assume vendors have robust and durable security throughout their computing architecture. asking questions is never inappropriate. Becoming familiar and comfortable with the vendor's protection is just good sense.
Article Source: http://EzineArticles.com/?expert=Chris_A_Inskeep
No comments:
Post a Comment