Friday, May 11, 2012

How to Evaluate Cloud Security

Cloud computing is the hot-button tech topic these days. When it comes   to talk of transitioning companies to the cloud, there is one question   that just won’t seem to go away: Is it safe? For cloud computing to secure its spot as the future of computing,   businesses need to feel confident that their data is as secure in the   cloud as it would be in a traditional on-site infrastructure. When evaluating the services of a cloud hosting provider, businesses   therefore need to evaluate the security and backup systems with the same   rigorous criteria as their in-house operations

Here are five criteria to help evaluate the security of your cloud-based data:

1. Can We Intrude?
Even the most up-to-date firewalls will not prevent intrusion.  To   protect your data in the cloud, it is vital to have a solid intrusion   detection and prevention system (IDPS).  A first rate IDPS goes beyond   firewall protection and detects and blocks threats outside or above the   firewall layer.   It also screens out spyware and viruses at the   perimeter.

2. Privacy is Paramount.
 As further protection against   threats, a private, virtual local area network (VLAN) – situated beyond a   firewall – is absolutely essential to protecting your data.  You should   make sure the hosting provider you choose can guarantee they are   placing your servers in isolated VLANs to prevent any cross traffic   contamination.

3. Traffic in the Right Lane.
Another important   differentiator to look at: a well-implemented IDPS can also identify   anomalies in “normal” network traffic, offering yet another level of   security. It constantly scans all traffic coming to and from the   network, all the way up to the application layer.   Over time, it is   able to spot malicious intent that a firewall would miss. This helps   with protection against new malware, or “zero hour” threats.

4. Who Has Your Back?
Moving data to the cloud is a big   step for an enterprise.  You need to feel your service provider is   trustworthy and supports you 24×7.  One quality control check  is the   SSAE (Standards for Attestation Engagements) No. 16 Type II audit, which   confirms what level of service and reliability they are providing.    Besides the security issues such as threat detection and VLANs, you will   want to ensure the provider has trained, qualified personnel that can   provide you with reliable technical support as needed.

5. Fast Restore.
 No Waiting. Should the worst happen,   and there is a data loss, you will want your provider to have the   industry’s most rigorous application-consistent backup.  What this means   is that your hosting service has taken point-in-time snapshots of your   data, flushing all transactions to a disk, and avoiding data   corruption.  You get a cleaner, quicker restore, and no tape is needed!    Contrast this with ‘crash-consistent’ snapshots that can miss data and   take up to a day to restore, costing you expensive downtime.

The tremendous potential to businesses in terms of scalability and   flexibility (without having to invest in costly IT hardware that quickly   becomes obsolete) makes the transition cloud a worthwhile pursuit. By   performing due diligence on the security and backup systems of any cloud   provider, businesses can enjoy the benefits of moving to the cloud without losing peace of mind.

Cloud Training and Certification is available at