Going to the cloud? BYOS (bring your own security)

Grazed from ComputerWorld. Author: Steve Pate.

There are many benefits to be gained by using the public cloud. Cost efficiencies, elasticity and collaborative access are mentioned most often. But will your data be secure in the cloud? And who is responsible for keeping it safe? These topics bear further exploration.

For small organizations – typically those that can’t justify adding someone with ‘security’ in their title to the team – outsourcing to a cloud service provider (CSP) may be more secure than trying to build and maintain their own data center. But for larger companies, especially organizations that must comply with privacy regulations like HIPAA/HITECH or PCI DSS, ensuring and validating data privacy can be more challenging in a public cloud environment…

Prying Eyes

One of the big questions you should ask before moving data to a CSP is ‘Do I care if anyone sees this data, and if so, from whom do I want to protect it?’ Those with malicious intent: Hackers, overzealous competitors, or even CSP insiders have much to gain in your cloud. Most cloud infrastructures are highly virtualized, providing a very concentrated environment that co-mingles data from many different organizations, which becomes an attractive target…

Read more from the source @ http://blogs.computerworld.com/cloud-security/22760/going-cloud-byos-bring-your-own-security