Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Business

Security in the private cloud – what every business needs to know

Brent-Thurrell

By Brent Thurrell, BeyondTrust

The onward march of cloud computing seems unstoppable and its benefits – cost savings, scalability, business continuity – are hard to dispute. However, like any area of information technology, it is important to understand the security implications of moving any part of business into the cloud. The impact of a security breach can be far-reaching, which is why senior managers need to familiarize themselves with what is at stake.Brent-Thurrell

After all, we are talking about trusting sensitive corporate data – including customer data, intellectual property and other content, such as information on new products – to a third party.

It’s clear that organizations that outsource to a cloud vendor often make their choices based on price instead of security. Despite the undoubted advantages, making use of a cloud provider unfortunately opens the door to some risks.

This is why, despite many C-level non IT executives being keen to cloud environments, security executives tend to walk with much more trepidation. According to a recent research report by IDC, 74 percent of IT executives and CIOs have cited security as the top challenge preventing their adoption of the cloud services model.

The reality is that wherever data is hosted, vulnerabilities and exploits do not discriminate. The same holes that exist for cyber thieves lie within cloud providers as they do for data storage on-premise.

Who is responsible for security – the cloud provider or the business user?
So is having a private cloud safer than the public cloud? The reality is that private cloud does not mean attackers will not try to enter. Indeed, the more sensitive and potentially valuable a company’s assets, the more likely an organisation will encounter a cyber security storm.

This begs the question: when a company is utilizing a cloud provider, who is actually responsible if a breach occurs or what security measures are put in place? The apparent ambiguity as to who is responsible for securing the assets which makes up the private clouds creates the exact type of security gaps on which attackers can prey. It may come as some surprise that end user licence agreements for most cloud providers state that they are not responsible for security.

Cloud providers are responsible for providing servers with a certain operating system and a certain flavour, but buyers beware: in practice, this means they might not even know when a breach has occurred. In a 2011 Ponemon study, 42 percent of respondents of cloud service providers indicate they would not know if their organizations cloud apps or data was compromised by a security breach or data exploit.

The truth is that assets, in the cloud or on premise, are part of the business; so UK organizations need to treat them as such. Take the necessary steps to secure those servers, which organizations have every right to do, just as if the data was sitting down the hall in a server room. Even though businesses are renting cloud capacity from these providers, they still have full access to assess and should approach them as part of their regular security practice. As cloud customers, businesses can still configure virtual servers and apply custom measures that comply with existing security strategies.

Tips to securing company data stored in a private cloud

So what can be done to ensure that the business’s cloud environment is secure? Here is some ‘best practice’ advice:
• Include assets held in the cloud into your normal security and privilege access management strategy.
• Regularly assess the state of vulnerability by leveraging zero day vulnerability management solutions.
• Implement regular detection scans for critical risk access points, or potential breaches. Don’t wait for the cloud provider to inform you – it may not do so.
• when employing a cloud service, review terms and conditions clearly, understanding the end user license agreements.

There are a wide variety of tools available that enable organizations to take the above steps easily and quickly, without major disruption to their existing IT infrastructures. The bottom line is that leaving private cloud security out of an organization’s integrated strategy creates a major security gap, but if the right steps are taken, then businesses can leverage the advantages of cloud computing, safely and securely.

www.beyondtrust.com

 

 

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post