Apac
  • Home
  • CXO Insights
  • CIO Speaks
  • Partner Conferences
  • Newsletter
  • Subscribe
  • News
  • About us
Apac
  • Agile

    Artificial Intelligence

    Augmented Reality

    Big Data

    Blockchain

    Cloud

    Cyber Security

    DevOps

    Digital Technology

    Enterprise Security

    HPC

    Internet of Things

    IT Services

    Mobility

    Networking

    Open Source

    POS

    QA and Testing

    Robotics

    SaaS Solutions

    Security

    Simulation

    Smart City

    Startup

    Storage

    Unified Communication

    Virtualization

    Web Development

    Wireless

  • Automotive

    Aviation and Aerospace

    Banking

    Compliance

    Construction

    Contact Center

    E-Commerce

    Education

    Energy

    Engineering

    Field Service

    FinTech

    Gov and Public

    Healthcare

    Insurance

    Legal

    Logistics

    Manufacturing

    Media and Entertainment

    Metals and Mining

    Pharma and Life Science

    Retail

    Sports

    Telecom

    Travel and Hospitality

    Utilities

  • Amazon

    CISCO

    Dynamics 365

    Google

    HP

    IBM

    Intel

    Microsoft

    Microsoft Azure

    Oracle

    Red Hat

    Salesforce

    SAP

    Share Point

    VMware

  • Business Intelligence

    Business Process Management

    CEM

    Cognitive

    Collaboration

    Corporate Finance

    CRM

    Data Center

    Disaster Recovery

    Document Management Systems

    Enterprise Architecture

    Enterprise Asset Management

    Enterprise Performance Management

    ERP

    Fleet Management

    Gamification

    Geographical Information System

    HR Technology

    IT Service Management

    Managed Services

    Payments

    PLM

    Procurement

    Project Management

    Risk Management

    Sales and Marketing

    Workflow

Menu
    • Cyber Security
    • Amazon
    • Banking
    • Blockchain
    • CISCO
    • Cognitive
    • Compliance
    • Contact Center
    • DevOps
    • E-Commerce
    • Field Service
    • Gov and Public
    • Healthcare
    • HR Technology
    • IoT
    • Managed Services
    • Manufacturing
    • Metals and Mining
    • Microsoft
    • Oracle
    • Pharma and Life Science
    • Retail
    More
    Contact Center DevOps E-Commerce Field Service Gov and Public Healthcare HR Technology IoT Managed Services Manufacturing Metals and Mining Microsoft Oracle Pharma and Life Science Retail
    ×

    Subscribe to our Newsletter

    news
    news

    Join our mailing list for the latest articles, news, and exclusive insights from prominent technology leaders

    loading
    SUBSCRIBE

    Thank You for subscribing with us. We sent you an email regarding this.

    news

    • Home
    • Cyber Security
    Editor's Pick (1 - 4 of 8)
    left
    Leadership Framework for Building Elite Teams

    Douglas Duncan, CIO, Columbia Insurance Group

    Four Cybersecurity Weak Spots You Should Care About When Others Don't

    Marc Probst, CIO & VP, Intermountain Healthcare

    Secure Text Messaging in an Academic Medical Center - Experience and Lessons

    Kari Cassel, SVP & CIO, UF Health

    It's Time to Turn Security Inside Out

    Gilad Raz, CIO, Varonis

    Top 3 Challenges Growing Businesses Face and How the Cloud Can Help

    Ken Shulman, CIO & CTO, Broadview Networks

    Cloud Security Grows Up

    Kevin Winter, VP & CIO, Booz Allen Hamilton

    Neil Jarvis, CIO, Fujitsu America, Inc

    Moving towards an Intelligent, networked and boundary less world

    Rajeev Batra, CIO, MTS India

    right

    Security Consideration in the Cloud

    By Randy Gross, CIO, CompTIA

    Tweet
    content-image

    Randy Gross, CIO, CompTIA

    The IT landscape has shifted dramatically in recent years. Businesses of all sizes are exploring new models for technology, led by cloud computing and mobile solutions.

    They’re also taking a more expansive view of technology. It’s no longer confined to the back office as a support tool for the business. Today technology is front-and-centre, seen as a strategic endeavour that can directly accelerate business growth and success. Business users see benefits and gains in areas such as accessibility, agility, productivity, and scalability.

    Cloud computing solutions offer a great deal of opportunity and potential, but they can also create problems that must be solved quickly before they are exploited.

    A recent report from Skyhigh Networks, a cloud security and enablement company, found that the average enterprise is using 46.7 percent more cloud services this year than a year ago. Yet the report also noted that just 7 percent of cloud services meet enterprises' requirements for security, compliance, and governance.

    “In the early days of cloud adoption, security was cited as the reason that companies were not using cloud systems”

    The biggest difference between a cloud solution and an on-premise solution is that control is given to someone else; namely, a cloud provider. The migration of systems from on premise into the cloud creates several issues for companies, especially if they have not carefully considered their security requirements before engaging with a cloud provider.

    In the early days of cloud adoption, security was often cited as the primary reason that companies were not using cloud systems. Today, the large majority of companies have cleared that hurdle, either by thoroughly examining security in a cloud environment or by assuming that mass adoption of cloud systems indicates adequate security.

    “The reason it is so important for companies to understand their own security requirements before engaging with a cloud provider is that there are so many different areas involved to ensure safety and reliability,” noted Seth Robinson, Senior Director, Technology Analysis for CompTIA.

    “Business continuity, data retention, data encryption, credentials, data integrity, regulatory compliance, identity and access management, and geographic locations are among the areas that should be subject to a security review before embarking on or expanding a cloud deployment”, Robinson added.

    In CompTIA’s 2015 Study Trends in Information Security, between 40 percent and 60 percent of companies said they always review each of the areas listed above.

    This security review also drove internal changes. Nearly half of companies said they changed company policy as a result of changing views on cloud security; while 41 percent of companies built additional security features into cloud-hosted applications.

    When it comes to the cloud, it’s not enough to assume that the cloud provider is adequately securing data and applications. Understanding the cloud provider’s environment and policies is essential in securing the cloud services. Cloud users should regularly review and discuss with their cloud provider how they want to handle security, reliability, compliance, and legal issues related to their cloud services. Any gaps in the provider’s security coverage must be addressed before launching the service.

    Another benefit of cloud computing is that it lowers the barrier of entry to technology and gives access to areas that have traditionally required the approval—or at a minimum, the cooperation—of the IT department. An end user can start working with a Software-as-a-Service application by visiting a website and providing user credentials and billing information with engaging the services or expertise of IT professionals. Thus, the concept of “rogue IT” or “shadow IT” was born.

    This refers to the tendency of lines of business to use their own budgets to procure technology resources. Certainly the concept is no unique to the cloud. But the difference with cloud resources is that they are much more powerful and usable. This represents a high risk for companies. Business staff who use cloud solutions outside the purview of those responsible for the IT environment may not be considering where data is stored, what happens in case of an outrage or how the cloud tool is integrated into other business systems. With security already a major concern for companies, this is another area to be aware of so that data remains confidential and compliance to required standards is maintained.

    “You have to look at where your data is actually being stored and who ultimately has access to it,” noted Ron Culler, Chief Technology Officer, Secure Designs, Inc. of Greensboro, N.C. “You can have a nice looking app that delivers great service, but it may sit somewhere that may not be secure. It could be distributed across multiple data centres across the world. And if you put it unencrypted, it sits there unencrypted. You have to have policies in place to deal with those situations.”

    Finally, it’s important to remember that the burden does not rest solely on the lines of business. IT departments must examine their perceptions and policies to ensure that they are no overemphasizing their preferences at the expense of business outcomes.

    Founded in 1982 and based in Gurgaon, India, CompTIA is a non-profit trade association that is dedicated to advancing industry growth through its educational programs, market research, networking events, professional certifications, and public policy advocacy.

    Read Also

    Human behaviour the weak link in cyber defence

    Human behaviour the weak link in cyber defence

    Memcached DDos: The New Kid On The Block

    Memcached DDos: The New Kid On The Block

    2018 Global Data Regulations and Compliance Heat Up - Are You Ready?

    2018 Global Data Regulations and Compliance Heat Up - Are You Ready?

    Please tell me This is not Y2K again!

    Please tell me This is not Y2K again!

    25 Hottest Cyber Security Companies - 2018

    25 Hottest Cyber Security Companies - 2018

    Top 25 Cyber Security Technology Companies 2017

    Top 25 Cyber Security Technology Companies 2017

    Featured Vendors

    I-Sprint Innovations

    Dutch Ng, CEO

    HP

    Richard Bailey, President - Asia Pacific & Japan (APJ)

    Cyber Security Special

    Copyright © 2019 APAC CIOoutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy Policy  |  Sitemap

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://cyber-security.apacciooutlook.com/ciospeaks/security-consideration-in-the-cloud-nwid-4161.html