7 deadly sins of cloud computing

January 2, 2013 Off By David

Grazed from CSO. Author: David Geer.

Automation, cost savings, and data redundancy—no wonder cloud adoption is tempting. The CISO can rest easy knowing there is no vice in moving to the cloud to reap these rewards. What may keep her up at night is not knowing how many missteps the enterprise is making in the process. Here CISOs and security buffs round up seven security sins that can undermine cloud computing’s benefits.

Failing to check IDs at the door

The only secure way to log in to the cloud is through enterprise identity management systems. Though many cloud services permit just about anyone in the organization to sign themselves up, create their own IDs and passwords without registering these with the enterprise, and then connect these credentials to personal email addresses, that does not mean that IT or the business should let it happen…

"While it is easy to start out this way, failing to integrate with enterprise IMS will leave the organization open to leaks, policy violations, and ultimately the inability to secure the cloud," says John Thielens, Chief Security Office of Axway. In a similar way, some companies that are deploying IaaS do so rather quickly—using self-service capabilities—to address complaints that their IT departments are slow and unresponsive. But this approach bypasses governance, allowing unguarded access to cloud servers…

CategoryNews

What are the top 3 myths about cloud ERP software?

Canonical Enhancing JuJu Cloud Services Orchestration Tools