Cloud Computing is gaining traction in many different businesses. It has allowed
businesses to access applications over the
internet and save their investments in hardware and software.
Cloud computing offers a cost-effective IT solution that fuels business growth. But, increasing security threats are giving rise to concerns about security within cloud computing.
Cloud security refers to the practice of protecting digital assets, data, and
information within the cloud
To understand the concerns and provisions of cloud security, let’s look at some key insights provided by Cloud Service Providers (CSPs)
Losing data is as harmful as having it stolen.
Loss of data could be disastrous for the productivity of an organization. Server failure and hacker attacks can cause loss of data. However, most cloud networks keep data in at least three different locations. Hence, a copy of critical data is stored and is accessible to the user until the user permanently deletes it.
There is always a risk of piracy and copy of data when it is shared. However, in Cloud
Computing, data is not
shared, instead, access is allowed.
Rather than making a copy, the user gives access to anyone they want to see the file. Others cannot share the file unless the permission is authorized by the original user. The unauthorized distribution of data is protected and users can control exactly who sees it.
Users of cloud services are potentially at risk of cyberattacks due to data
storage through the internet.
Distributed Denial of Service (DDoS) attacks are a common threat, whereby the hackers send an excessive amount of traffic to a web-based application, thereby crashing the servers. However, Cloud infrastructure detects the DDoS attacks and automatically baselines traffic, identifies anomalies and creates mitigations.
This mitigation system protects against layer attacks.
There are several techniques available for data security.
Data encryption services are generally provided by the CSPs. Encryption means transforming or encoding sensitive data before storing it in the cloud and the same is decrypted by the encryption keys. By doing this, the organization ensures that only authorized users have access to the data.
Cloud infrastructure complies with firewalls which provide virtual barriers and protection from malicious traffic to the applications hosted in the cloud.
For the protection of sensitive data from leakage, companies have to comply with several
certifications prove the company's technical capacity to protect sensitive business
For example, HIPAA and HITECH compliance for Health Insurance and Technology industry whereas, PCI DSS compliance for payment and card industry.
Cloud Services Providers invests a lot in cloud security and data is somehow, more
secure in the cloud as compared
to local servers and data centres.
However ultimately, as Urteaga says, there’s nothing that’s 100% safe.