Cloud computing is the use of remote servers hosted by third parties (instead of local servers or computers) to store, process, and manage data and perform operations. It delivers on-demand computing services over the internet, eliminating the need for an organization to own its own computing infrastructure or data centers.
There are many advantages cloud computing provides, such as speed and efficiency via dynamic scaling. However, it also raises a range of concerns about security threats, such as:
Security is one reason some companies are reluctant to transition to cloud computing. However, data stored in reliable cloud services can be very secure.
Cloud computing providers deploy security controls to protect their environments, but cloud users are responsible for protecting their own data. You must remember that no matter where you host an application, its vulnerabilities will follow.
Simply moving on-premises workloads to a public cloud doesn’t automatically make these workloads more secure."
MacDonald, Leong & Cosgrove
|Gartner
A cloud server is a virtual server (server software that runs in a virtualized environment, rather than a physical server) that hosts websites or web applications. Cloud computing vendors provide the physical machines that these virtual servers run on. This arrangement offers flexibility, allowing you to spin up, or down, additional virtual machines as needed. Cloud computing allows you to pay for usage rather than hardware. So you can become more agile, reduce your time to market, and lower costs.
Cloud services are particularly attractive for smaller organizations and startups. In the case of a small organization, cloud services provide access to enterprise-class hardware and fault-tolerant features that might otherwise be cost-prohibitive. Similarly, startups benefit from cloud services because they can get their operations running quickly, without having to invest in on-premises data center resources.
There are three main cloud deployment models:
Cloud security is based on the same underlying principles as software security. You can increase the security of your applications in the cloud by building security into your applications before deploying them.
Most cloud providers take security seriously, providing a secure hosting platform for clients to implement services. However, security implementation changes from one cloud provider to another, and the use of cloud security services by no means removes your responsibility for securing your data and applications. It’s important to have a solid understanding of these security features and capabilities and use built-in cloud security features when possible. Here are some key features to look for when selecting a cloud provider:
Be sure to select a cloud services provider who has the necessary security features for the cloud infrastructures you’re deploying.
Plan: Cloud Maturity Action Plan
Assess: Cloud Architectural Risk Analysis
Assess: Cloud Configuration Review
Many companies have already transitioned to the cloud, while others are still planning their cloud migration. But data integrity, intellectual property, and customer data are often at risk during the transition to third-party hosted services. Many organizations work around this by using a hybrid infrastructure. In a hybrid environment, the most sensitive data is kept in-house while day-to-day operations take place in the cloud.
Migrating to the cloud can be a challenge for many businesses. Some vendors provide extensive integration to make it simple. For example, Office 365 is designed to sync with Active Directory to make migration as painless as possible. Moving a custom application may take additional time and effort. While this time and effort may be costly, the cost of migrating to the cloud is often offset by the reduced resource and hosting costs in the long term.
For some organizations, moving to the cloud may present challenges regarding data residency. Data residency refers to the physical location of data and documents. In the case of cloud computing, the physical cloud servers determine data residency, but a cloud provider’s servers are often spread across many locations. You must consider the data residency rules and requirements for both the locations in which you operate and the locations of your cloud service provider’s data centers.
When you’re deciding whether to migrate to the cloud, it’s important to weigh security considerations against the need for more efficient computer storage and procedures for each task. If the task has strict security requirements (such as secret key generation for servers), the cloud isn’t appropriate. If an application calls for scaled web services, you should conduct a risk assessment based on additional information, including the type of data handled and how that data is stored.
Securing data in the cloud requires continuous and comprehensive security risk identification and mitigation. You can adapt the fundamentals of security risk management to the unique features of the cloud ecosystem with these services:
Get insights into the current state of security for web-based apps and systems
Download the reportLearn how to gain visibility and secure your apps across the enterprise
Download the white paperGet the trends and recommendations to help improve your software security program
Download the reportThree steps to consolidate your effort, insight, and tools
Download the guide