Cloud Computing Security
The most hyped IT development since the Internet, the cloud represents a major change in the business model for IT delivery. Benefits promise to be quite significant: for cloud customers, cost savings, and greater agility through on-demand capacity; for cloud providers, recurring revenues, global markets and attractive profits—if they can differentiate their services and innovate to keep ahead. Many organizations have already moved mundane activities and low-risk data to the cloud. Theoretically, of course, any process that runs elsewhere can run in the cloud. Businesses and governments are certainly attracted to the idea that they could achieve even greater savings were they to use the cloud for storage and processing of their more sensitive data. After all, sensitive business processes are likely to be the most expensive from an operational perspective and so this is where they have the most to gain. The big question, though, is how secure is the cloud and when is it safe to move more sensitive operations there?
Faced with privacy mandates and escalating compliance obligations, organizations are responsible for security whether or not they outsource to the cloud. Sharing services from a public cloud provider with other cloud tenants means losing some control, which brings added risk. Uncertainty about exactly what the risk is and how to mitigate it prevents many organizations from taking full advantage of the cloud today. cloud consumers want assurance that their information and key business processes will be safe. Cloud providers must be able to mitigate risk and reassure customers that their information is safe and secure. For cloud providers, the key to winning trust is to enable their customers to satisfy the same security audits, demonstrate regulatory compliance, and fulfill the same security SLAs they do today with their own IT infrastructure.
- Security risks can be difficult to assess and quantify, due to lack of transparency in the cloud.
- Sensitive data can be inadvertently exposed, as copies may linger long after the service is no longer in use.
- Attackers can exploit loopholes in shared technology to hijack accounts, peer across information silos, and gain unauthorized access to other cloud customers’ data.
- Insider threats multiply in large multi-tenant environments.
- Inadequate practices and poorly architected systems can lead to a false sense of security for both service providers and consumers, increasing compliance reporting costs and putting brand and reputation in jeopardy.
- Lack of visibility into cloud based services makes it difficult to deal with incident management and to assess obligations with regard to data breach disclosure laws if data is suspected of being lost or stolen.
- Cloud providers that cannot articulate and demonstrate security credentials will be unable to win trust—and business.
Cloud Computing Security: Thales e-Security Solutions
Products and services from Thales e-Security can simplify the move from on-premise to cloud deployments by helping businesses, government organizations, and cloud providers make effective use of cryptographic protection. While the cloud is a relatively new concept, strong cryptography and key management are not; these are well-defined security technologies and processes that have been deployed successfully for years as ways to protect data in the event of loss or theft. Given the higher level of risk involved in multi-tenant environments, these technologies can deliver correspondingly higher levels of assurance that enable customers to migrate sensitive and high-value data to cloud deployments with confidence. Hardware data protection products from Thales bring the control and proof needed to demonstrate compliance with privacy regulations and essential standards of due care to the cloud environment just as they have for decades in the global payments network and countless other security applications. These products focus on simplifying complex key management tasks wherever possible to deliver industry-leading scalability. We provide a comprehensive portfolio that enables critical data assets to be protected throughout their life cycle—at rest, in motion, and in use. Working with Thales, cloud service providers and their customers can take advantage of a comprehensive range of encryption, digital signing, and authentication capabilities as they prepare for the next phase of cloud expansion.
- As a cloud consumer, migrate to cloud services while staying in control of your destiny, maintaining security and compliance with regulatory requirements and industry mandates.
- As a cloud provider, enhance the security of your cloud services to provide appropriate levels of assurance for your business customers and to differentiate your services and overcome obstacles to cloud adoption.
- Take advantage of cryptographic best practices to create secure cloud infrastructures – protecting valuable data, sensitive applications, and critical back-end systems such as auditing and billing systems.
- Work with the experts—Thales e-Security has an unparalleled 30-year history in delivering encryption and key management solutions for some of the most demanding security organizations in the world.