Analytics: The Widening Divide
Strategies for Assessing Cloud Security
Cloud computing provides flexible, cost-effective delivery of business or consumer IT services over the internet.
Cloud resources can be rapidly deployed and easily scaled, with all processes, applications and services provisioned on demand, regardless of the user location or device. As a result, cloud computing helps organisations improve service delivery, streamline IT management and better align IT services with dynamic business requirements. Cloud computing can also simultaneously support core business functions and provide capacity for new and innovative services.
Both public and private cloud models, or a hybrid approach using both models, are now in use. Available to anyone with internet access, public clouds are acquired as a service and paid for on a per-usage basis or by subscription. Private clouds are owned and used by a single organisation. They offer many of the same benefits as public clouds, but give the owner greater flexibility and control.
Although the benefits of cloud computing are clear, so is the need to develop proper security for cloud implementations - whether public or private. Embracing cloud computing without adequate security controls can place the entire IT infrastructure at risk. Cloud computing introduces another level of risk because essential services are often outsourced to a third party, making it harder to maintain data integrity and privacy, support data and service availability, and demonstrate compliance. Even if IT workloads are transitioned to the cloud, users are still responsible for compliance and data security. As a result, subscribers must establish trust relationships with their cloud providers and understand the risk posed by public and/or private cloud computing environments.