In the rush to take advantage of cloud’s benefits, businesses must properly manage the risks of handing over data, systems, and infrastructure to a third-party. As with any risk management process this is a challenge for the board as much as for the technical security team.
Security keeps cropping up as a (if not the) major obstacle to cloud adoption — whether it’s applications or infrastructure that is hosted in a private, hybrid or public cloud environment.
But are concerns about security in the cloud misplaced? Evidence in the 2013 Data Breach Incident Report from Verizon (which also owns cloud provider Terramark) suggests it is. Based on 47,000 breach investigations in 2012, Verizon notes that “attacks against virtualisation were not present, but attacks against weakly configured devices that happened to be hosted in an external location were common — but not more common than among internally hosted ones.”
Do CIO’s agree with these facts? Yes and no. For every CIO who believes cloud security concerns are overrated , there’s another who believes cloud security issues are very real .
However, whether security concerns about the cloud are exaggerated or not isn’t the question under discussion here. The key issue for businesses considering moving a workload to the cloud is to quantify and address risks; from assessing which applications or infrastructure can be moved to the cloud with an acceptable level of risk, to how they will be protected once moved.
Read the Full Article: Source – ZD Net