Perfecting security in the cloud

Not all clouds are equal. You need to know what to ask and how to compare offerings, especially when it comes to security.

Thanks to the endless onslaught of marketing (and that new Cameron Diaz movie), everyone has heard about the “cloud,” but most people are still confused as to what that term really means. More importantly, everyone seems perplexed on what it could mean for their firms. While the National Institute of Standards & Technology (NIST) only defines three major categories for cloud or outsourced technical services, there are many, many more flavors and blended options available and emerging every day. NIST pairs Infrastructure as a Service (IaaS) with such offerings as Amazon AWS, Platform as a Service with GoDaddy, and Software as a Service (SaaS) with offerings such as Google Docs and Office365.

With innovation and end user demands exceeding onsite IT resources, outsourcing is a viable means to delivering requested services. Initially, the financial benefits for outsourcing or “going to the cloud” prompt the discussion as to whether a firm should proceed with the migration. During this thought process there are other very important things to consider that may impact the cost comparison. A recent Ponemon Institute report entitled “Data Breach: The Cloud Multiplier Effect” gave a haunting warning that increasing the use of the cloud can increase the probability of a multimillion dollar data breach by as much as three times. So what do you need to know before you begin?

Contributing Author

author image

Mark Brophy

Mark Brophy serves the director of IT Security and Risk Management Services at Keno Kozie Associates. Mark brings extensive knowledge on information technology networks and...

Bio and more articles

Join the Conversation

Advertisement. Closing in 15 seconds.