How Secure Is The Cloud?

Redundant Infrastructure

How much of the cloud infrastructure is redundant?

Redundancy offers security in the sense that your applications will be there almost no matter what happens to you cloud provider's own infrastructure.

Most cloud providers offer to automatically protect your data by running independent and geographically distinct data centers, so that your infrastructure will continue running even if one of their data centers fails. It doesn't hurt to ask before you start using the service. Amazon, for example, has several distinct "zones" in North America, Asia, and Europe where its servers are located. A user can specify the location of his virtual servers and design an environment to be protected in case of any failures. A more complete discussion of the various security decisions involved in using Amazon's Web Services can be found here. For the US Golf Association, Carroll built in the requirement that the vendor provide a hot site at another location in case of any downtime. "We pay a bit more for this redundancy, but it gives us a level of comfort too."

Amazon's Web Services can provide for geographic diversity through its zones and regions in three different continents.Amazon's Web Services can provide for geographic diversity through its zones and regions in three different continents.

Create a new thread in the US Reviews comments forum about this subject
This thread is closed for comments
14 comments
Comment from the forums
    Your comment
  • fstrthnu
    Answer: It's safe IF you play your cards right, but almost all of the time you can forget about decent security
    1
  • Anonymous
    You haven't really addressed many of the security concerns IT pros have about "the cloud". Who potentially has access to my data, what controls are in place to keep that data safe (ie could a rouge employee rip backup of my DB and take it home)? How are other legal situations handled, such as warrants/requests for data from law enforcement, will the customer be notified, will the vendor simply comply, etc? What happens *IF* the cloud vendor goes out of business one day, where is my data (one would assume there would be warning signs before this happens, but stranger things have happened)? There are tons of questions with not many good answers out there.
    2
  • babachoo
    This article has been brought to you by domestic datamining organizations and the people they have in their pockets.
    0
  • gonebamboo
    Check out this cloud-based (Software as a Service) platform and its security architecture.

    http://www.otakhi.com
    http://www.otakhi.com/pages/security.html
    0
  • ludikraut
    This article barely scratches the surface of security issues surrounding cloud computing. It reads more like an executive summary than something I would expect to see on Tomshardware - very disappointing.
    0
  • Anonymous
    Cloud computing is overrated. Your data will never be secure in someone else's hands. Any encryption can be broken with time.
    0
  • Anonymous
    I didn't really see any mention of on-site encryption in this article, only transport encryption. Also, who assures us that claims made regarding security are entirely true instead of being marketing word-play which seems so popular these days. Only when a cloud service publishes results done by a third party auditor that I trust will I use them.
    0
  • gtaker
    If you are in the external cloud with your company your data will be compromise.. I'm 100% sure of that... we look at this cloud stuff 8 years ago and came to that conclusion if you need to do it, do it inside your company not outside...
    0
  • sadams04
    Security is always a concern, but my main concern with the cloud is around someone else being responsible for up-time / availability. Those priorities rarely line up across multiple companies. While you may recover lost revenue through a breach in service level agreements, you can't recover customer perceptions and experiences in the same way.
    0
  • perrakis
    There's an updated version of the Ponemon Cloud Security Study available from the report's sponsor, Dome9: http://www.dome9.com/resources/ponemon-cloud-security-study.

    Incidentally, Dome9 offers free cloud security for an unlimited number of servers. You can check them out at http://www.dome9.com. Essentially, their value prop is the ability to close administrative ports on a remote cloud server and make access available on demand. This is important in the cloud where your servers operate outside your traditional network, and leaving ports open exposes them to hackers, brute force attacks, and exploits.
    0
  • Scanlia
    I found a really helpful article on cloud computing prices, and comparing all the different companies.

    http://www.wcbk.info/2012/05/cloud-price-comparison.html
    0
  • ken66_31
    Cloud computing can be so secure if you work with the right tools: http://www.drive-maxx.com/Pages/Product-information_3. Your data will be encrypted on your computer.
    0
  • Xalman Xhan
    There are actually two fears about cloud computing that deal with security – data security and job security. Organizations might get comfortable with data security but their IT side of the house doesn’t feel comfortable with job security. The cloud was supposed to be this evil thing that was going to eliminate jobs for local IT departments, but truth of the matter is that job elimination hasn’t actually happened. IT managers and professionals are working with increasingly restrained resources under impossible deadlines, but that has always been the case.

    http://www.dincloud.com/blog/security-in-the-cloud

    This is another interesting article that discusses Cloud security in detail.
    0