Skip to main content

What You Should Know About Cloud Security

By October 8, 2013September 7th, 2021Blog

In the upcoming fiscal year, the cloud budget could be as much as 30% of the overall IT budget in many businesses. The demand and versatility of using the cloud has made it a new standard for today’s business. The effectiveness and efficiency of traditional security mechanisms are no longer solely dependable. Similar security principles may still apply, but more robust and specific measures are also necessary. Additionally, cloud computing also harbors potential privacy concerns. The risk being that the service provider can access the data in the cloud at any time. Information could not only be viewed, but potentially altered or deleted.

Risk mitigation should be a priority consideration when reviewing the different cloud security service provider (CSP). The following security issues should be an upfront and ongoing concern for the CSP to manage.

  1. Sensitive data access
  2. Data segregation
  3. Privacy
  4. Bug exploitation
  5. Recovery
  6. Accountability
  7. Malicious insiders
  8. Management console security
  9. Account control
  10. Multi-tenancy issues

Solutions for managing these issues may often include cryptography, particularly public key infrastructure (PKI), multiple providers, standardization of APIs (application programming interface), improving virtual machine support, and legal support.

As cloud use continues to increase, it is likely that more criminals will find new and creative ways to exploit the system vulnerabilities. Finding the right partner can alleviate many of these security concerns. Inquire into the following when interviewing cloud service providers:

  • Risk. Investing in risk assessment is a proactive approach to fully understanding cloud security threats. A system auditing process can build assurance and will strengthen compliance.
  • Facilities. Cloud infrastructure is housed in a physical location. Inquire as to the physical structure, security procedures, power, equipment, staffing expertise and processes. Knowing how secure the platform and infrastructure are will be vital in establishing a trusting foundation.
  • Data. Ensure the system encrypts data at the very least; determine exactly how the service provider approaches protection of your data.
  • Access. The most fundamental point to data security has to do with the people who have access. Determine what process the service provider must follow and how access is controlled.

Businesses are feeling the pressure to reduce IT costs and to maintain current with quickly evolving technologies. The use of a cloud service provider can alleviate both of these issues. However, even with this inviting cloud security solution, risk and security management are a priority consideration. Take the time to find the right CSP, as they will become a valuable resource to your business.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.