What to keep in Mind while Securing the Public Cloud
The use of Cloud Computing has eliminated many of the problems related with information technology like knowledge, capacity and integrity when these services are used. To protect data in a traditional datacenter, there is a combination of controls on physical access, access to hardware and software, and identity controls. This protective barrier that safeguards infrastructure is diffused in the cloud. To balance this, security needs to become information centric. It is necessary for data to have its own security that travels with it and protects it. To ensure this happens, it will require
• Isolation of Data
Data needs to be held securely in order to protect it when multiple customers use shared resources. In most cases, virtualization, encryption and access control will be significant for enabling different degrees of separation between corporations, communities of interest, and users.
• Additional granular data security
It is imperative that the granularity of data classification enforcement increases with the increase in the sensitivity of information. In most cases, as the information remains within the control of the enterprise itself, granularity of role-based access control at the level of user groups is acceptable in the current data center environment. For information in the cloud, sensitive data requires security at the file, field, to meet the demands of assurance and compliance.
• Reliable data security
To meet the enterprise’s own needs as well as regulatory policy mandates, there is an evident need for policy-based content protection. For certain categories of data, information-centric security will demand encryption in transit and at rest, in addition to management across the cloud and all through the data life cycle.
• Effective data classification
Cloud computing compels a resource swap between high performance and the requirements of robust security, and to balance this, data classification is an essential tool. To make performance cost and benefit decisions, as prerequisites, enterprises need to understand that data is important and where it is located. It is also imperative for enterprises to ensure that data-loss-prevention procedures focus on the most critical areas.
• Information rights management (IRM)
Usually treated as a component of identity IRM is a way of setting controls about which users have access to what data. Data-centric security requires that policies and control mechanisms regarding the storage and use of information to be associated directly with the information itself.
• Governance and compliance
Cloud computing infrastructures must be able to verify that data is being managed according to the applicable local and international regulations (such as PCI and HIPAA) with appropriate controls, log collection and reporting. Not only is it important to document access and denied access to data, but it is also to ensure that IT systems are configured to meet security specifications.
Sensitive data in the cloud will require granular security, maintained consistently throughout the data life cycle. Cloud computing providers in India offer great features at the most competitive price which can be an ideal solution for business owners.
Article Source: ArticleCell.com
Technology Articles RSS Feed: http://www.articlecell.com/rss/Technology/8
Author Bio: Read more on - datacenter, Cloud computing providers in India, Dedicated hosting India