Cloud: Yes, It Can Be Secure

June 25, 2012 Off By David

Grazed from BizTech2. Author: Robin Chaterjee.

One of the major challenges when launching a cloud project is overcoming misconceptions surrounding it. There can be situations wherein false expectations can mislead management, hamper early planning and distort the entire project – thereby, making the project’s success unlikely.

At the recent Cloud Summit, we caught up with some industry experts on what they thought were some of the myths surrounding cloud. And, the discussion brought to light two popular cloud myths doing the rounds in CIO circles…

Myth 1: Private Cloud Is Better Than Public Cloud

A key notion, especially among Indian companies, is that setting up a private cloud and investing millions will result in a better cloud infrastructure from all perspectives. While private cloud does solve the problem of customised requirements for the enterprise, there are some myths that are better busted.

One such misconception is that public cloud cannot match up to the security levels of a private cloud. “Public clouds have been hardened with rigorous penetrating testing from hackers all around the world. An enterprise will never be able to do all those malware penetration testing on its own,” says Jason Bloomberg, President, ZapThink.

Another misconception is that managing cloud service internally is more viable. “Enterprises cannot come up with the required expertise which public cloud vendors have managed to gather over the years. The talent pool with the public cloud providers is much bigger than an enterprise could possibly build,” adds Bloomberg.

Myth 2: If It’s Cloud It’s Not Secure

That there are certain security issues that need to be addressed in the cloud, is a fact. That cloud equals to a security nightmare, is a myth. And, this is a myth that refuses to die down.

It has been noted that not only the big cloud vendors but also the new entrants in the cloud market are offering cloud services highly focused on one specific deliverable, i.e., security. “They are very much aware that there is a high degree of exposure and they are investing heavily in recruiting the best security minds out there,” says Milind Borate, CTO, Druva.

With constant cycle of validation with customers and taking into account that multi-tenancy requires a higher degree of security, all the cloud service provides pay due diligence to the security requirements that a cloud environment warrants.

"If an enterprise opts for a cloud solution, its competitor can be right next door. This is why cloud services entail more encryption to keep data secure,” explains Dhiman Basu Ray, Senior Director & Global Practice Head – Cloud & SOA Adoption Business, Happiest Minds Technologies.

SLAs between an enterprise and cloud vendors now include the key aspects of security. The key to tackling the security issue lies in getting the SLAs right and for the CIO to ensure that all the security essentials are incorporated in it. “The specific security demands and requirements are included in SLAs with the vendors so that as a CTO you can be rest assured that your data encryption key is only with you and not with your vendor or its employees,” explains Borate.

CategoryNews

How To Tap Cloud Computing To Obtain A Competitive Advantage

China is racing past US, rest of world – and into the Cloud