IT Training and Certification Blog by Training Planet Online Interactive Training and Certification City Live Boot Camp Classes.
Friday, May 11, 2012
How to Evaluate Cloud Security
Cloud computing is the hot-button tech topic these days. When it comes to talk of transitioning companies to the cloud, there is one question that just won’t seem to go away: Is it safe? For cloud computing to secure its spot as the future of computing, businesses need to feel confident that their data is as secure in the cloud as it would be in a traditional on-site infrastructure. When evaluating the services of a cloud hosting provider, businesses therefore need to evaluate the security and backup systems with the same rigorous criteria as their in-house operations
Here are five criteria to help evaluate the security of your cloud-based data:
1. Can We Intrude?
Even the most up-to-date firewalls will not prevent intrusion. To protect your data in the cloud, it is vital to have a solid intrusion detection and prevention system (IDPS). A first rate IDPS goes beyond firewall protection and detects and blocks threats outside or above the firewall layer. It also screens out spyware and viruses at the perimeter.
2. Privacy is Paramount.
As further protection against threats, a private, virtual local area network (VLAN) – situated beyond a firewall – is absolutely essential to protecting your data. You should make sure the hosting provider you choose can guarantee they are placing your servers in isolated VLANs to prevent any cross traffic contamination.
3. Traffic in the Right Lane.
Another important differentiator to look at: a well-implemented IDPS can also identify anomalies in “normal” network traffic, offering yet another level of security. It constantly scans all traffic coming to and from the network, all the way up to the application layer. Over time, it is able to spot malicious intent that a firewall would miss. This helps with protection against new malware, or “zero hour” threats.
4. Who Has Your Back?
Moving data to the cloud is a big step for an enterprise. You need to feel your service provider is trustworthy and supports you 24×7. One quality control check is the SSAE (Standards for Attestation Engagements) No. 16 Type II audit, which confirms what level of service and reliability they are providing. Besides the security issues such as threat detection and VLANs, you will want to ensure the provider has trained, qualified personnel that can provide you with reliable technical support as needed.
5. Fast Restore.
No Waiting. Should the worst happen, and there is a data loss, you will want your provider to have the industry’s most rigorous application-consistent backup. What this means is that your hosting service has taken point-in-time snapshots of your data, flushing all transactions to a disk, and avoiding data corruption. You get a cleaner, quicker restore, and no tape is needed! Contrast this with ‘crash-consistent’ snapshots that can miss data and take up to a day to restore, costing you expensive downtime.
The tremendous potential to businesses in terms of scalability and flexibility (without having to invest in costly IT hardware that quickly becomes obsolete) makes the transition cloud a worthwhile pursuit. By performing due diligence on the security and backup systems of any cloud provider, businesses can enjoy the benefits of moving to the cloud without losing peace of mind.
Cloud Training and Certification is available at http://www.certificationcity.com
Labels:
cloud security training