Cloud security – truth or dare?

29 October 2013

Jamie Brown

Jamie Brown

Consultant

Security is usually the number one topic of any given conversation to do with cloud computing. Is this warranted?

Well, yes – security is incredibly important for cloud computing. But it’s not that security is especially important for cloud systems because they’re inherently more insecure than privately managed systems.   Access can be bypassed in an on-premise system in the same way access could be bypassed through a system hosted in the cloud. For example, those rather large holes – passwords – exist in both cloud systems and privately managed systems. At the end of the day, any computer system is only as strong as its weakest link, and cloud computing brings with it the same risks we have been seeing for years elsewhere.

However, I’d go so far to say that the cloud is actually more secure because the technology and infrastructure associated with cloud is more modern than the technology developed years ago. Look at the open landline telephone or fax machine as a good example when compared to modern communications such as BBM and iMessage which use sophisticated end-to-end encryption.

Where does this concern over security come from? 

Let’s look at what cloud computing is first.

Typically, the cloud refers to the access of data and services held up there in the ‘cloud’. It’s not always clear because marketers like to promote cloud because it’s a hot topic.

Take a really common example of cloud technology. Gmail. Gmail isn’t that thing you access through your web browser at gmail.com (although you may be forgiven for thinking so). Gmail.com is a web interface to the cloud-hosted service called Gmail, which can be accessed from all manners of devices (and indeed other cloud services).

Enterprise systems may utilise a similar set-up – many off-the-shelf cloud solutions for business do – or they may be hosted in a ‘private’ cloud. This doesn’t mean your Gmail account isn’t private (quite the opposite, but let’s leave privacy for another time!). It just means that a service provider will manage your private servers, running your own set-up and processes remotely for you, by taking care of anything and everything that comes along with managing multi-million pound hardware.

The benefits of cloud are obvious: besides being far easier to hook onto and develop enterprise mobile app, for example, the fuss of managing the infrastructure is now gone. Regardless of the type, cloud systems are essentially the same as your on-premise system, but are instead managed by a service provider. If you’re concerned about security, that’s good. So, simply be sure to choose a provider that is, too.

Because the risks in cloud computing can be found elsewhere, I suggest that the benefits far outweigh the risks. The single most important benefit cloud computing brings to organisations is likely to be the fact that if you let your provider take care of your system – its access, its security, its maintenance - then your organisation can carry on doing what it does best without worrying about dedicating money or people to maintaining technology.

Not surprisingly, the cloud is one of the fastest growing areas of spend by organisations.  Global market analysts IDC estimate that more than 30% of organisations expect within three years to access almost half of their IT resources through some form of cloud - public, private, or hybrid.

Questions about security will always continue but they are becoming fewer as every day passes. 

View comments

Comments

Blog post currently doesn't have any comments.

Bluefin and SAP S/4HANA - welcome to the one horse race

We use cookies to provide you with the best browsing experience. By continuing to use this site you agree to our use of cookies.