Mitigating the Risks of Cloud Computing
We have seen a clear trend in recent years of companies shifting their data and services in the cloud. A number of cloud-computing-service-providers jumped on the bandwagon and the growth will be explosive. As with most new technologies, the opinions are divided on the benefits of cloud computing. Some analysts see it as the greatest thing since sliced bread and predict an irreversible shift towards cloud computing. You can find an analogy in the electrical power network, the computing is a utility like electricity. Others compare cloud computing, Colocation, and the time-sharing computer systems. You can see that the pendulum will swing back, and cloud computing to fall out of fashion sooner rather than later.
The most likely is that the result is obviously not as black and white as some people like to see it. The old time-sharing computing and software-as-a-service (SaaS) provider, were limited in their scope. Now the cloud of the Internet, and the Internet is everywhere. The Service Provider can. therefore, Global transactions with little technical effort Cloud computing is not the solution, or even a viable solution for all companies that there are. Open-source-software evangelist Richard Stallman called cloud computing a “trap”, and added that people and companies should not rely on a remote provider of services with your valuable data. Although these comments are quite extreme, Mr. Stallman has a valid point in relation to the security of the information and the cloud. Confidence in the cloud with data and services, in order to take into account a new set of risks. Mr. Stallman, obviously, preferred to have a total control over your data and software.
However, the construction and operation of a data center is not a viable solution for most companies. For small organizations, the companies are benefiting around the world the services available from the cloud. What you should know is that cloud computing may mean that the delegation of the security of the cloud operator. This delegation means that, additional risk must be mitigated with adequate controls. Examples of risks include bankruptcy or cessation of operations by the cloud service provider and data storage failure in the cloud infrastructure. Examples of controls that must include the service-level agreements (SLA) with the service providers, which specify the acceptable downtime; redundant services with multiple service providers; and a local system backup of your valuable data.
ENISA, the European Network and Information Security Agency) has recently published a 125-page report on cloud-computing-risk-assessment need to take into account many aspects, before the transition to the cloud. Another panel deals with cloud security, the Cloud Security Alliance. You have isssued the first version of a complete security guide, provides the specifications of the safety benefits or challenges for all of the critical areas of cloud computing, divided into models of service. The main service models of IaaS, SaaS and PaaS, which means that the infrastructure-, Software-and Platform-as-a-Service, respectively. In IaaS-cloud-provider the minimum safety and responsibility, while in SaaS, who takes the greatest responsibility. In PaaS, this responsibility is located in an intermediate point between the ends.
Companies and institutions must carry out a risk assessment before a decision on the inclusion of sensitive data in the cloud. Several security controls can be implemented to reduce the risks and ensure the safety. Security is not necessarily dependent on the taxes, it is rather the General of the functionality of each implemented security control. This is the reason why Stiki RM Studio has developed an innovative software solution based on international standards, which helps companies, gap analysis and risk assessment, and improve their competitive advantage.