“Cloud” is another hot new name in the tech industry. AWS, Microsoft Azure and Google cloud platform (GCP), are just a few of the many cloud service providers that have taken the technology industry by storm. Businesses grow and require more resources to expand. This includes more power, more hardware, and more software.
The “cloud” is here to save the day as it allows the organization to manage more data centers, more infrastructure, and better manage them all.
Today, the “cloud” is not a foreign entity. It is an essential component of every organization. An organization can address issues such as downtime, scalability, and monetary issues by moving its services to the cloud.
One report states that 77% of enterprises have at most one application or a part of their enterprise computing infrastructure in cloud …”. (Organisations are cutting down on costs by moving to cloud computing. This number is expected to rise to 83% by 2020.
What is a “public cloud”?
Your data is stored in a public cloud environment. The cloud provider is responsible for the management and maintenance. In a public cloud environment, users pay for the services they use. If an organization only requires storage, they can choose to pay for that service by themselves. The various services in a public cloud can be sent via the Internet to the organization.
Because the most valuable data of an organization is stored in a heterogeneous environment with data from other organizations it is vulnerable to attacks and breaches.
The security of the public cloud environment is not known. Therefore, it is a good idea to switch to a private cloud if you are dealing with sensitive information such as credit/debit cards or healthcare data.
What is a “private cloud”?
The hosting cloud solution is placed on the company’s intranet and behind a firewall. This type of environment requires that the organization manages and maintains the data centers and other infrastructure. Security is a greater reality because the data is stored on the company’s intranet. Therefore, it is easier to trust.
You own the infrastructure and data centers in a private cloud and can offer these services to your clients and customers.
These are the top cloud security concerns according to the 2019 “Cloud security report” by “Cybersecurity Insiders”.
Understandably, 64% of organizations fear ‘data loss/leakage’
62% fear ‘Data privacy/confidentiality’ issues and
39% are afraid of regulatory compliance and 39% are concerned about it.
These are also the most serious cloud security threats facing organizations.
42% of organizations worry about unauthorized access to their data
42% are concerned about APIs and interface security.
40% fear misconfigurations of cloud platforms (Cloud Security Report)
Cloud computing and security are so important in today’s world, that (ISC.2) introduced a new certification in 2015 called CCSP (Certified Cloud security professional).
InfoSec Train offers the CCSP certification – enroll today to climb up the InfoSecurity career ladder.
Cloud Security Report. (n.d.). Retrieved from https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/reports/2019-cloud-security-report.pdf
Organisations are moving to the cloud to cut costs. (n.d.). Retrieved from nccgroup.trust: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2019/august/blog-organisations-are-saving-by-moving-to-the-cloud/