I recently started using Quora and find it quite useful. The idea of your thoughts to a particular question been voted up and down and the ability for community to challenge and contribute is inviting. I answered a question on Quora that I've cross posted on this blog that you may find useful. Feel free to comment.
What are the challenges related to cloud computing data security?
Of the five essential characteristics (On-demand self-service, broad network access, resource pooling, rapid elasticity, measured service), three service models (SaaS, PaaS, IaaS), and four deployment models (Private, Community, Public, Hybrid Clouds) of Cloud computing (as defined by NIST), organisational data security faces a variety of risks. The level of risk can be determined by what models organizations subscribe to or adopt and more importantly, what data they decide to move to the cloud. For example, a Private Cloud deployment model will reduce the risk compared to a Public Cloud or a Community Cloud generally, however will need to compromise on certain essential characteristics.
Data, based on its classification, requires appropriate controls applied for its security. Whether it be a system configuration, IP (Intellectual Property) in the form of software, a database with PII/sensitive data or publicly available data, the hard part is identifying where this data is in the Organisation and what people, processes and technologies access and support it. Cloud computing, depending on the model and characteristics used, tends to abstract this even further. For example, with the ‘resource pooling’ characteristic of the cloud, if sensitive data is stored in a Public cloud, as per the NIST definition ‘…customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state, or datacenter). Examples of resources include storage, processing, memory, network bandwidth, and virtual machines.’ This means that in case of a security breach or a follow-up investigation in a public cloud model, it will be hard or near impossible to find out exactly what the data loss impact is and where the data resides. This is an example for data at rest (storage). There are similar challenges for data in transit and in process. The challenge is identifying what Cloud computing model and characteristics for what data will maximise efficiency and minimise the risks.
Nice article.Collecting the response of following cloud security survey:http://www.surveymonkey.com/s/BNF3V65
ReplyDelete