Top IaaS Security Requirements To Consider

Grazed from NetworkComputing. Author: Brian Prince.

Poll after poll shows that security remains a major concern for enterprises moving to the cloud. Despite all that concern, companies appear to be increasingly adopting Infrastructure-as-a-Service without paying much attention to IaaS security. According to analysts at TechNavio, the global IaaS market is expected to grow at a compound annual rate of about 45% between 2012 and 2016. In May, the Ponemon Institute and CA Technologies released a survey that indicated many organizations have not been practicing due diligence when it comes to selecting cloud providers.

The survey, which fielded responses from 748 IT professionals, found that only 49% of organizations evaluated security before deploying IaaS in 2012. Security experts cited a number of security issues to consider and security best practices to follow when signing a contract with an IaaS provider…

"The security requirements for using Infrastructure as-a-Service are essentially the same as they would be for using your own data center," Dave Cullinane, chairman of the Cloud Security Alliance board, told Network Computing. "You should evaluate (classify) the data you will be processing in that environment," he said. "How sensitive is it? Does it have value as intellectual property? Will you be processing transactions? Is it subject to regulations such as the Payment Card Industry Data Security Standard (PCI DSS)? Are there privacy restrictions that apply — e.g. HIPAA or Safe Harbor?"…

Read more from the source @ http://www.networkcomputing.com/next-generation-data-center/servers/top-iaas-security-requirements-to-consid/240158700