Array

External security risks

Must Read

Obtaining and Installing the Python Standard Library

You can obtain the Python Standard Library from a number of sources, but the best place to go is...

Nikon D7000, Using the Built-In Flash

There are going to be times when you have to turn to your camera’s built-in flash to get the...

Fixed Rate Home Equity Line of Credit – Sounds Good, But Is It?

Sometimes you can save a little money on the front end with a variable rate home equity line of...

Canon EOS 60D Charge Your Battery

This might sound obvious, but it’s important to fully charge your battery before you begin taking photos. If you...

Does the IRS Consider Interest on a Home Equity Line of Credit Deductible As a Second Mortgage?

The home equity line of credit of an individual is considered to be deductible as a second mortgage for...

Motorcycle Accidents and Motorcycle Insurance

The following article is motorcycle accidents and how they play out legally. The following is not legal advice, but...
Admin
test

Data stored in public clouds can be compromised as a result of failures in a provider’s security technology or its operational security practices, and this is a major risk in a multi-tenanted system where business competitors share the same IT infrastructure. If you have internal policies for information governance that encompasses security then you must ensure that your cloud provider takes security as seriously as your business – some key security questions are provided below. And it is important to be aware that you are responsible for keeping your confidential customer data safe, not your cloud provider!

Security technology failures

An example of a security technology failure in a public cloud was the bug found in Google Docs (a Software as a Service system) in March 2009 that led to a small percentage of documents being inadvertently shared with unauthorized users (Mazzon, 2009). But the fact that, at the time of writing, it was difficult to find any other significant examples, despite the large number of cloud computing providers and media attention, speaks volumes. It is in the interest of these providers to secure their systems, and they typically have far more resources to devote to the problem than their customers.

Operational security failures

An example of an operational security failure in another Software as a Service system was the Twitter hack of January 2009 where a hacker gained access to system support tools and took temporary control of the Twitter user accounts of President Barack Obama, among others (Twitter, 2009). In the Twitter example the hacker allegedly took advantage of a weak password on a support user account to gain access (Zetter, 2009). Again it is difficult to find further examples, and it is unlikely that providers of more business-critical cloud-based systems would be so careless in their use of passwords. But cloud providers are well aware that the most common fear about cloud computing, particularly in public clouds, is over security and a number of them have joined forces to form the Cloud Security Alliance, a non-profit organization that promotes best practices and provides comprehensive (and free) cloud security guidance documents at http://
www.cloudsecurityalliance.org/.

Key security questions

Chapter 5 provides further guidance on choosing suppliers, but here are some key questions to ask them about the security of their systems with regards to their technologies and operations:

  • Are security tests an integral part of their software development cycle?
  • Are security issues specifically addressed in technical training programmes?
  • Are non-technical employees made aware of security issues when they are trained?
  • Are third-party security audits performed, and, if so, by whom, how thorough and how often?
  • What operational policies and controls are in place, what do they cover and are they assessed by third parties?

 

Latest News

Digital Marketing for Beginners

Digital marketing for starter, Let to basic learning about connecting with your audience in the right place at the...

What are 7 things poor people do that the rich don’t?

1. poor people watch TV in which people read books how many hours you spend in front of the TV and when was the...

Top 18 best small business ideas for beginners starting

A small business can be frightening and requires plenty of careful planning there are many small business ideas which can be beneficial as well...

Summer that makes you happy

We saw were already here I've been thinking about some of the things. I used to do with my husband even though he had...

4 Point to helpful tips specifically for caregivers

What you need to take a vacation. I know it sounds impossible creative and try to make it work for you almost everyone needs...

More Articles Like This