CLOUD COMPUTING SECURITY TIPS

1. SECURING THE CLOUD MAY 6, 2011   With its advantages in cost, convenience and performance already established, security has become the next battlefront for companies deciding whether a cloud computing solution is right for them. Can sensitive data be secured in a virtual environment? The answer is yes. Companies still working with aging equipment and hard drives are more vulnerable to a data breach than those who take advantage of the monitoring and intrusion control systems built in to protect stored virtual data. In fact, cloud computing can actually improve security protocols with the right service provider. Small Business Computing.com has published a list of ten cloud computing security tips, geared toward small businesses (http://www.smallbusinesscomputing.com/biztools/article.php/3927376/10- Cloud-Computing-Security-Tips-for-Small-Businesses.htm) Among them: assign a value to your assets, so it’s easier to determine the necessary level of security, and research the processes used by potential providers to make certain your needs will be met. Another valuable source of information is the Cloud Security Alliance (CSA), an organization dedicated to industry best practices that is comprised of industry leaders, corporations, associations and other key stakeholders.

2. In April of 2011, the CSA announced its participation in efforts currently underway to create security standards. First up, a new proposal to reinforce the current Code of Practice for Information Security Management (ISMS) found in the ISO/IEC 27002 International Standard. The aim is to provide guidelines on information security controls for the use of cloud computing services based on ISMS security controls. “By working closely with ISO in the highly dynamic cloud computing environment, the industry can have confidence that CSA guidance will be enduring, and that they can align with it now,” said CSA chairman of the board Dave Cullinane.