Home » Exclusive Features , Expert Opinions » Outsourced storage and storage service providers , Storage strategy » Cloud security: CIO concerns

Cloud security: CIO concerns

 

Cloud security: CIO concerns

Tags:
   cloud computing   Frost & Sullivan

By Loh Ching Soo, Country Manager, NetApp Singapore | Sep 8, 2011

Thumbnail: 
In a study conducted by Frost and Sulivan late last year, more than 70% of 10,400 information security professionals revealed growing concerns about the increased risk coming from cloud computing and mobile devices.
 
The adoption of cloud computing may be on the rise but CIOs continue to be wary of new threats. For CIOs looking to embark on the cloud journey, it is worthwhile to understand the risk that their data is now being exposed to. These include:
  1. Criminal use of the cloud: Unsavory characters may leverage on the cloud to increase the reach and success rate of their criminal activities, as well as evade discovery. Additionally, improved techniques such as phishing and social engineering make it easier for criminals to access critical information in the cloud, compromising the privacy, reliability, and availability of those services. CIOs need to ensure that their cloud providers are able to resist against such malicious threats through more rigorous login criteria, authentication checks, as well as the ability to monitor and track who gets access to their information in the cloud.
  1. Threats from within: The proliferation of smart mobile computing devices has led to sensitive corporate information being leaked via these devices when employees use them for work. Through the deliberate or unconscious sharing of sensitive company data on the internet, an organization’s brand, finances and productivity can be adversely affected. CIOs need to ensure that their cloud providers are able to put in place measures to protect against threats from inside. This can include providing restricted or temporary access to corporate resources depending on the employee’s profile. Additionally, any company information should not be allowed to remain on private devices after employees have logged off the company server.  
  1. Choice of cloud provider: One of the biggest potential threats to a cloud consumer may in fact be the cloud provider engaged. CIOs need to understand the internal security procedures and computing policies of their chosen cloud provider. Insecure software programming can expose organizations to a variety of security issues related to confidentiality, integrity, availability and accountability. Furthermore, the move towards a third-party cloud infrastructure may mean sharing the same cloud infrastructure with others. CIOs need to be aware of their cloud provider’s existing security controls, how effective these security controls have been, how software programming is integrated with security and how their information will be treated in the event of termination or a security breakdown.
Orignal Author: 
Loh Ching Soo, Country Manager, NetApp Singapore

Add comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <img /> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <embed> <object> <strike> <caption>
  • Lines and paragraphs break automatically.
  • Use <!--pagebreak--> to create page breaks.

More information about formatting options

Verification Code
This question is for testing whether you are a human visitor and to prevent automated spam submissions.

Similar

Related Articles

Recent popular content

Most Read

  1. HR consultant Gemini Personnel employs data protection and disaster recovery solution from FalconStor

  2. BYOD and ITSM: What you need to know

  3. Disk and Cloud adoption leaving tape in the dust: CloudRecover

  4. Actuate integrates BI and SaaS platforms with Amazon's cloud service

  5. A little security for Big Data