Cloudy and a chance of threats

Share this article:
Anthony James
Anthony James

The term “cloud computing” puts both giddiness and fear in the hearts of IT managers around the world. Adopting cloud-based services gives organizations many benefits, but it also opens them up to many risks and vulnerabilities.

Securing the cloud will be one of the biggest challenges for network managers as more companies adopt services, such as storage for rent, software as a service, virtual IT and application hosting. The concept of protecting data-at-rest versus data-in-motion comes into play, forcing organizations to examine various security mechanisms to secure their data while it's stored or circulated in the cloud and when it's brought back to the network proper.

These challenges include application control, encryption, SSL inspection, data leakage protection and anti-virus. Data while at rest in the cloud may be protected in a lock-and-key manner to prevent unauthorized access, but infected data is not necessarily cleansed in the cloud.

To guard against any data loss of confidential projects for data stored in the cloud, IT administrators must ensure the vendor has an access control security policy and that data cannot be leaked. As well, regulatory compliance considerations need to be evaluated as part of the cloud-vendor selection criteria.

When it comes to data in transit, administrators should ensure the network security solution can inspect application content for malware, determine whether or not it is encrypted, and make certain it can look for threats as data enters and leaves the network.  

When it comes to data in use, ensure the vendor provides adequate protection so that data is clean of malware and that co-located content is not infected if malware is present.

It's also vital to ensure that appropriate client security controls are in place so that data downloaded from cloud-based services is not infected and carried into the network or back into the cloud.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in Opinions

Beware of the malware walking dead

Beware of the malware walking dead

This Hallows Eve might be a good time to remind ourselves that zombies can be just as deadly, and I'm referring to recycled tools and techniques from years gone by.

Why the Home Depot attack shouldn't have happened

Why the Home Depot attack shouldn't have happened

Major retailers are falling prey to massive credit card information heists, despite spending millions on cyber security systems.

Next-generation malware: Think like the enemy and avoid the car alarm problem

Next-generation malware: Think like the enemy and avoid ...

When it comes to enterprise security, one rule remains constant - attacks will continue to increase in sophistication and attackers will seek to outmaneuver existing defenses.