Myths about security in cloud computing

Cloud computing is one of the most progressive pillars of the IT sector. However, the very concept of cloud computing with the added complexity of virtualisation can throw a novice to unknown waters. The word cloud itself sounds porous and easy to penetrate. But such is not the case on a larger picture. Despite being more and more ubiquitous in various business environments, cloud computing carries its share of security concerns. It’s time that everyone knows the whats and whys of cloud computing and destroy these myths once and for all.

Myth 1: Public cloud storages can be easily targeted

Public clouds are just as vulnerable as private clouds. Securing data, whether or not on cloud, is an ongoing process. You cannot think of security as product or service. It is a constant battle and one has to be fully equipped to fight this war. For example, many providers are on top of their security game with PCI, HIPAA, SOC 2, SSAE16 and various ISO standards. In addition, they offer data encryption and have effective data loss prevention policies in place. So, the problem does not lie in the public cloud, but the security measures taken by the vendor and the corporation.

Myth 2: All cloud apps are the same

A user will not use all of his cloud software in equal amounts and hence, the security for cloud computing will be different in each case. Depending on the sensitivity of the data, the profile of the user, the intended use of the data and other factors, different policies can be put into place to manage session authentication, data distribution control and other threats.

Myth 3: Your cloud service provider holds complete responsibility for your cloud storage

It’s a common myth that the cloud provider will be at your beck and call. No they won’t. Think of it as leasing an apartment, the owner will provide you with all the necessary security (guards, alarms, etc.) but you have to be careful at your end. You cannot give keys to everyone. On cloud as well, you will have to manage passwords, protect against identity fraud, encrypt sensitive data, provide access to devices via secure networks and take care of other risk mitigation activities.

Myth 4: Corporate networks are stronger in protecting cloud apps

Corporate networks are not necessarily more secure. Security breaches and data loss are just as common. Corporate networks or not, cloud apps can be vulnerable if not implemented right. A secure cloud gateway that shields the interaction between the corporate network and the cloud is imperative. The key here is working with a provider who focuses on deploying world-class networking security, monitoring services and intrusion detection.

Myth 5: Tenants in the same cloud can spy on one another

Multiple tenants share storage, processing and other services in a public cloud but thanks to virtualisation, there is a strong partition between each tenant. Even the virtual machines sharing the same servers are isolated altogether from other VMs. And if that’s not enough, corporations can use CSPs that isolate VLANs to hold other tenants off their networks.

    Get in touch


    * Mandatory Fields

    Related Posts

    Sify Technologies

    Leave A Comment