Private sector must unite to strengthen cloud security, expert says
Decision-makers were often intimidated by the cloud when it first emerged, as many IT departments claimed hosted environments were not secure enough to manage highly sensitive information and solutions. As the cloud matured, however, developers began to address some of the minor security concerns associated with the virtual environments.
While some of the smaller issues regarding cloud security have been or are being taken care of, there are still a number of problems that need to be tackled. For this to occur, cloud computing users need to speak with cloud providers and encourage them to make the necessary changes, according to a TechTarget report.
"We have to have this mindset that consumers have a right to know there is a level of disclosure that does not introduce a security threat. You have to ask for it, you have to demand it," said Jim Reavis, executive director of the Cloud Security Alliance, according to TechTarget. "That's how we are going to get a more secure cloud."
In most cases, a single company doesn't have enough influence to sway the opinion of cloud service providers. As a result, Reavis said businesses need to collectively address cloud vendors and force them to implement the necessary changes, TechTarget noted.
How cloud security needs to be changed
While there are many aspects of cloud security that could use improvement, identity management is usually among the top priorities for users, the report said. Rather than passwords, new technologies that support long-term access should be established.
"We may need to work toward more holistic IDs that have different authorizations and different purposes," Reavis said, according to TechTarget.
Access management issues were echoed in another report by InformationWeek that said administrative access control in the cloud is an incredibly important aspect of keeping the virtual environments safe from outsiders. While there are still some barriers to deploying innovative and robust identity management programs and tools, implementing even the simplest techniques will likely enhance an organization's ability to keep mission-critical resources and data secure.
As the private sector continues to adopt cloud hosting services in an effort to boost efficiency, reduce IT expenses and, hopefully, enhance the protection of sensitive resources, companies need to align together and encourage cloud vendors to make the virtual environments more secure. Doing so will be the only way for the cloud to truly reach mainstream adoption.
- Welcome to GoGrid!
- I'm a live Cloud Expert.
- What questions do you have today?