Monday, March 30

12 reasons not to take cloud security for granted

For the most part, the cloud is about making computing resources available by hiding the underlying complexity. This opacity can lead to complacency towards suppliers. This article from CIO USA unveils some of the rarely mentioned issues regarding cloud security.

The promises of the cloud are irresistible. For a paltry amount, customers can mount a server. Backups are done in one click. No need to worry about buying equipment or keeping the server room at the right temperature. Just log in and everything works.

If the cloud has become the default IT strategy, the initial concerns about its security have not disappeared.  (Credit: DR)

However, these gains in practicality translate into a loss of control. Anywhat suspicious customers might wonder if the game is worth the effort. What is really happening behind the veil? Initially, companies were cautious about sending their data and processing to the cloud for a number of fundamental reasons, including security and privacy. While the initial turmoil has given way to an era when the cloud is the default IT strategy, many of these initial concerns remain. Others have even appeared since the use of the cloud exploded. Here are twelve reasons not to take cloud security for granted.

1. The same security holes are found there

Cloud instances run the same operating systems as workstations and independent servers. If a backdoor in Ubuntu version 14 can be exploited to penetrate machines in an internal server room, it is almost certain that it can also be used on your cloud-based version. If cloud instances are popular, it is precisely because they are interchangeable with your private servers. Alas, this same observation applies to bugs.