The biggest obstacle facing public cloud computing today is security. The major concerns include: internal and external threats, data collection, privacy and compliance. An essential part of any cloud implementation is the cloud service provider’s ability to have a secure infrastructure to protect customer data and guard against unauthorized access.
Today’s public cloud is becoming more secure than on-premise computing.
Cloud service providers are able to provide better security than enterprises in the following ways:
Enhanced Staff Knowledge:
Cloud providers have enough man power resources to train their staff to specialize in security, privacy, and other areas of high interest and concern to the organization. Through increased specialization, staff members can gain in-depth experience, take remedial actions, and make security improvements more readily than otherwise would be possible with a diverse set of duties.
Concentrating the Data in a Single Location:
Most companies these days have a mobile workforce where data can be dispersed on laptops or other devices making it vulnerable to theft or loss. Data maintained and processed in the cloud is stored in one location and securely accessed from anywhere making it less prone to data loss or theft.
Meet Government security requirements:
Cloud service providers are under considerable oversight and regulation by the government and other security authorities to ensure data privacy and security. Security requirements are always evolving to meet new threats. Meeting these requirements and processes is key to the success of cloud providers and are being included into their service offerings.
Backup and Recovery:
The backup and recovery policies and procedures of cloud service providers is much more superior to those of the organization. Data maintained within a cloud can be more available, faster to restore, and more reliable in many circumstances than that maintained in a traditional data center. For that reason, cloud services can also serve as offsite backup storage for an organization’s data center, in lieu of more traditional tape-based offsite storage.
Platform Strength:
The structure of cloud computing platforms has higher uniformity than that of most traditional computing centers. This uniformity facilitates platform hardening and enables better automation of security management activities like configuration control, vulnerability testing, security audits, and security patching of platform components. Cloud providers usually meet standards for operational compliance and certification in areas like healthcare (i.e., Health Insurance Portability and Accountability Act (HIPAA)), finance (i.e., Payment Card Industry Data Security Standard (PCI DSS)) and audit (i.e., Statement on Auditing Standards No. 70 (SAS 70)).
For these reasons, cloud-based computing has the potential to be more secure than what most organizations can deliver themselves. In the short term, public cloud providers who achieve various levels of compliance and security will have a strong competitive advantage; and those that provide thought leadership in the space can potentially make that advantage last longer.
Good to see someone pointing out that the null hypothesis to public cloud being insecure is that the existing systems are secure. Most security failures are down to process and internal staff. Saas Potentially has internal staff threats, but I’m not aware of any specific instances. IaaS is no more at risk to this threat as the only ones who could find the valuable data work for the customer.
A build on your point about the consistency of public cloud platforms. For the most part, organisations don’t know what they’ve got in their data centres, and would be shocked to see how weak internal security is. Externalising the platforms ensures that suitable attention is paid to securing the standard machine builds by the customer and the consistency makes assuring the configurations much easier. Devops + Continuous Delivery further reduce the cost of identifying and fixing security holes.