Security Risks of Cloud Computing
In recent years, cloud computing has achieved significant growth in various segments of IT industry. Now, businesses have started realizing the benefits they can derive from cloud services. Such benefits include- fast access to business applications, effective utilization of infrastructure resources, lower costs and so on. However, as more and more companies/individuals are using cloud for storing their data, the security concerns associated with it are also growing rapidly.
Following are some security issues that you should raise with your cloud vendor before selecting them:
1. Access to Data
Storing confidential data at distant location involves great level of risk. It is advisable for you to ask your service provider to provide you details as to who would be monitoring your data, who would have access to it and so on. In addition to this, how these users will be able to access the data and what are their access levels
2. Check for certifications
There is no doubt that customers themselves are responsible for the security of their data irrespective of the fact that it is stored by external organization or not. You must ensure that your vendor possesses required certifications.
3. Location of Stored Data
Many people ignore this aspect while using cloud services. They don't even know in which country or location their data is being stored or monitored. Here you should ask the service provider if they can store your data in specific locations or not.
4. Ensure Security Aids
Most of the service providers use encryption for the security of stored data. However, you need to understand that encryption is not the complete cure for such issues. You must ensure with vendor that they have well tested their encryption schemes so as to avoid issues at later stage.
5. Recovery
It is very important for you to ask for recovery options. Usually, cloud vendors offer strong data recovery options in case of disaster events. However, you should ask your vendor, what will happen to the data stored in the event of disasters.
6. Investigative support
It is almost impossible to investigate wrong or illegal activities in cloud computing as the data may be co-located and might also spread over different hosts and data centers. However, still you should ask your vendor for contractual commitment for supporting specific types of investigation.
7. Check Long-term viability
You must ensure the long term viability of vendor. It doesn't mean that the cloud provider will be acquired by some big company. However, you must be sure that your data remains available even after the event.
Following are some security issues that you should raise with your cloud vendor before selecting them:
1. Access to Data
Storing confidential data at distant location involves great level of risk. It is advisable for you to ask your service provider to provide you details as to who would be monitoring your data, who would have access to it and so on. In addition to this, how these users will be able to access the data and what are their access levels
2. Check for certifications
There is no doubt that customers themselves are responsible for the security of their data irrespective of the fact that it is stored by external organization or not. You must ensure that your vendor possesses required certifications.
3. Location of Stored Data
Many people ignore this aspect while using cloud services. They don't even know in which country or location their data is being stored or monitored. Here you should ask the service provider if they can store your data in specific locations or not.
4. Ensure Security Aids
Most of the service providers use encryption for the security of stored data. However, you need to understand that encryption is not the complete cure for such issues. You must ensure with vendor that they have well tested their encryption schemes so as to avoid issues at later stage.
5. Recovery
It is very important for you to ask for recovery options. Usually, cloud vendors offer strong data recovery options in case of disaster events. However, you should ask your vendor, what will happen to the data stored in the event of disasters.
6. Investigative support
It is almost impossible to investigate wrong or illegal activities in cloud computing as the data may be co-located and might also spread over different hosts and data centers. However, still you should ask your vendor for contractual commitment for supporting specific types of investigation.
7. Check Long-term viability
You must ensure the long term viability of vendor. It doesn't mean that the cloud provider will be acquired by some big company. However, you must be sure that your data remains available even after the event.
Source...