Thoughts on Cloud Security

09.14.2011

An article at zdnet discusses Eight ways that Cloud Computing will Change Business including “More self-service IT from the business-side” and “more tolerance for innovation and experimentation from businesses.” For many small organizations there are plenty of advantages to offloading some infrastructure woes to a cloud service provider. At the same time, as expected, there are tradeoffs to consider… in this case, security.

You’ll note in the zdnet article there’s a graphic showing cloud security as a negative, a weakness. It mostly depends on your needs as an organization, but security is consistently one of the biggest issues you’ll hear about when folks discuss cloud computing.

Here’s why: it’s your stuff, but it’s on someone else’s servers.

Maybe it’s the confidentiality of your emails that you’re concerned about, or the pricing on various draft proposals, or the location of a scheduled meeting for members of a controversial council. The basic question is, what do you have to lose if your information is exposed to outsiders?

If you’re in charge of a hang-gliding club and just need some online resources like webmail and a calendar of events, security isn’t going to be much of an issue for you. If you’re running a local bank, then keeping your customer’s info safe and secure is a critical, top priorty. Most of us are somewhere in between.

One way to approach the cloud is, as the core, the backbone of your business where everything is in the cloud and nothing is considered “local” (this is the Google model of cloud computing). Another approach to the cloud is that it could simply be a handy backup plan for when something goes haywire with your local system (the Apple model of cloud computing). You can mix and match various approaches to fit your needs and context.

Will your cloud apps require https or is http okay? Should you encrypt your documents before saving them online? What level of redundancy will you require of your service provider? EduCloudComputing will help you navigate the labyrinth of security issues and help provide clear understanding of the options, risks and rewards involved.

Leave a Reply