Wednesday 26 May 2010

How Managers Stopped Worrying and Learned to Trust the Cloud

More than half of European organisations believe that cloud computing will result in an improvement in security defences. That's according to a survey conducted on the behalf of IT conference 360.

In February, a survey from Symantec found that only a third of IT managers thought cloud computing would improve security - the same number that thought cloud would make their systems more insecure

The survey could herald a change in attitude by IT managers. Security frequently features as the number one inhibitor when it comes to looking at cloud. Only this week, SNIA Europe chairman Bob Plumridge described how it was the main concern of user companies. And in March, the former US National Security Agency technical director, Brian Snow said that he didn't trust cloud services

According to the 360IT poll, only 25 percent of managers surveyed thought that the onset of cloud computing would make security worse.

Commenting on the survey, Richard Hall, CEO of CloudOrigin, said that the current trend of businesses migrating their IT systems into the cloud does not mean a reduction in security defences.

"After decades performing forensic and preventative IT security reviews within banking and government, it was already clear to me that the bulk of security breaches and data losses occur because of a weakness of internal controls," he said in his 360IT blog post.

According to Hall, the complete automation by public cloud providers means the dynamic provision, use and re-purposing of a virtual server occurs continuously within encrypted sub-nets. "That's why solutions built on commodity infrastructure provided by the likes of Amazon Web Services have already achieved the highest standards of operational compliance and audit possible," he said.

Original Article - CIO

Join Us: http://bit.ly/joincloud

1 comment:

Anonymous said...

IMHO, when considering security, 2 items need to be addressed:
1) Physical security of the hardware 2) Security of the Data - here are some resources to help as guidelines when considering security and the cloud:

Physical security:
http://www.globalfoundationservices.com/security/index.html
http://www.globalfoundationservices.com/security/documents/SecuringtheMSCloudMay09.pdf


Data Security:
http://www.research.microsoft.com/en-us/projects/cryptocloud/
http://www.research.microsoft.com/en-us/projects/secpal/

thoughts?

hope that helps
-cn