Will 2016 be the year security stops being a reason to avoid public clouds? Because, face it, by now established cloud vendors have likely invested more in security than you can hope to duplicate in-house. But when you’re used to pulling your own security levers, how do you let go of some of that control?
What we need is the cloud security version of a trust fall.
You may have taken part in this team-building exercise: You fall backward into the arms of a coworker while trusting that they’ll catch you before your khakis-clad behind hits the ground. It’s easier to take that plunge when your colleagues have given you reasons to trust them: They step up when you need a hand at work, they have built a solid reputation, they have your back when things go awry.
In order for you to trust security measures that are offsite and out of your control, you need to replicate these trust cues with your cloud vendor.
How? Here are three questions to start with:
1. How well can the vendor replicate my security requirements?
“In general, companies are all very used to having incredibly stringent and granular security controls,” says Ben Nelson, vice president, cloud security, at Oracle. “Since most of these controls are implemented on site and under the direction of enterprise IT, companies can impose very specific requirements.”
Look for vendors that clearly lay out security protocol and are willing to work together to identify and close any gap between what they do and what you need. In the end, it might just be a communication issue. “Big cloud vendors have thousands of customers with unique security requirements and over time have factored the best of those into the solution,” Nelson says. “We are probably already giving you everything you want, but it may not be articulated in the precise manner your company is used to.”
Also, look for infrastructure security that focuses on protecting your data in addition to securing the network. “Modern information security requires a layered approach that integrates security technology throughout the stack, from the silicon foundation all the way out to the application layer,” he says.
Read More: http://www.forbes.com/sites/oracle/2016/04/19/how-to-determine-if-you-can-trust-cloud-security/#173f5d626c78
What we need is the cloud security version of a trust fall.
You may have taken part in this team-building exercise: You fall backward into the arms of a coworker while trusting that they’ll catch you before your khakis-clad behind hits the ground. It’s easier to take that plunge when your colleagues have given you reasons to trust them: They step up when you need a hand at work, they have built a solid reputation, they have your back when things go awry.
In order for you to trust security measures that are offsite and out of your control, you need to replicate these trust cues with your cloud vendor.
How? Here are three questions to start with:
1. How well can the vendor replicate my security requirements?
“In general, companies are all very used to having incredibly stringent and granular security controls,” says Ben Nelson, vice president, cloud security, at Oracle. “Since most of these controls are implemented on site and under the direction of enterprise IT, companies can impose very specific requirements.”
Look for vendors that clearly lay out security protocol and are willing to work together to identify and close any gap between what they do and what you need. In the end, it might just be a communication issue. “Big cloud vendors have thousands of customers with unique security requirements and over time have factored the best of those into the solution,” Nelson says. “We are probably already giving you everything you want, but it may not be articulated in the precise manner your company is used to.”
Also, look for infrastructure security that focuses on protecting your data in addition to securing the network. “Modern information security requires a layered approach that integrates security technology throughout the stack, from the silicon foundation all the way out to the application layer,” he says.
Read More: http://www.forbes.com/sites/oracle/2016/04/19/how-to-determine-if-you-can-trust-cloud-security/#173f5d626c78
No comments:
Post a Comment