10 Areas of Concern in Cloud Security
The DLT Cloud Advisory Group is focused on the emerging cloud landscape and proactively engages with the public sector community interested in cloud computing. We also actively contribute to establish standards through our participation in various Standards Development Organizations. Along with IEEE, NIST, and the CSA, we are active contributors to the Cloud Standards Customer Council (CSCC). Most recently, we have been assisting the CSCC Security Working Group’s research efforts for their recent whitepaper, “Security for Cloud Computing: 10 Steps to Ensure Success.”
CSCC is an end user advocacy group dedicated to accelerating successful adoption of cloud solutions and drilling down into the standards, security, and interoperability issues surrounding the transition to the cloud. The group works to lower the barriers of widespread adoption of cloud computing by helping to prioritize key interoperability issues such as cloud management, reference architecture, hybrid clouds, as well as security and compliance issues.
As cloud computing continues gaining momentum, the cloud security landscape is emerging at a fairly rapid pace. Migrating to a public cloud computing requires a transfer of responsibility and control to the Cloud Service Provider (CSP). There are a number of security risks associated with cloud computing that must be proactively addressed.
The whitepaper provides a practical reference to help enterprise IT and business decision makers as they analyze and evaluate the security implications of cloud computing on their business. It also discusses the threats and technology risks in and safeguards for cloud computing environments.
The six-month research project was wide and deep in scope. While it could be argued that there are many more than 10 steps to ensure a secure migration to the cloud, the paper is intended to help get potential adopters started in the right direction by categorizing their potential problems into 10 areas of concern.
Editor’s Note: DLT Cloud Advisory Group member Shamun Mahmud earned a Certificate of Cloud Security Knowledge from the Cloud Security Alliance and is a member of several noted industry groups, including NIST and the Open Web Application Security Program. See Shamun’s response to the seven most common challenges to cloud computing here.
Photo courtesy of venturebeat.files.wordpress.com