Data security is a big concern for any company that is wanting to adopt the cloud infrastructure. This article from enStatus talks about their patent-pending security architecture that is bound to delight an organization's security team. Cloud infrastructure computing has an economic advantage over other operating platforms in that it is able to flex the infrastructure to meet operating demands, payment is scaled to usage, and it is able to expand with a power of scale not available until now. But many organizations still have concerns about the security implications of this new operating system. There are questions such as from lawyers who want to know if other lawyers obtain a subpoena, can they attain access to their data. How to know if current enforcement security policies are up to par. Will there be multiple user identities or will the cloud provider issue a single all-powerful user ID? What type of reports are available for access and events? These issues are currently resolved. The way to do that is to provide a separation of roles for security operations running outside of the cloud environment without having access to encrypted data which is the inside environment. The principle here is to thwart illegal hacker attacks because a hacker would have to simultaneously compromise two geographically separated, unlinked and encrypted systems. In the worst case scenario, lawyers would only be able to obtain encrypted data while the owner still retains the encryption keys. In addition, steps are taken to detect intrusions in combination with a sophisticated user management and authentication system. Levels of access can be set up to define the roles and permissions required to obtain and maintain a high level of security. All logging activity is automatically recorded for compliance reporting and audit purposes. This article gives other references on open cloud computing security.
salsantos222Apr 14, 2010
Data security is a big concern for any company that is wanting to adopt the cloud infrastructure. This article from enStatus talks about their patent-pending security architecture that is bound to delight an organization's security team. Cloud infrastructure computing has an economic advantage over other operating platforms in that it is able to flex the infrastructure to meet operating demands, payment is scaled to usage, and it is able to expand with a power of scale not available until now. But many organizations still have concerns about the security implications of this new operating system. There are questions such as from lawyers who want to know if other lawyers obtain a subpoena, can they attain access to their data. How to know if current enforcement security policies are up to par. Will there be multiple user identities or will the cloud provider issue a single all-powerful user ID? What type of reports are available for access and events? These issues are currently resolved. The way to do that is to provide a separation of roles for security operations running outside of the cloud environment without having access to encrypted data which is the inside environment. The principle here is to thwart illegal hacker attacks because a hacker would have to simultaneously compromise two geographically separated, unlinked and encrypted systems. In the worst case scenario, lawyers would only be able to obtain encrypted data while the owner still retains the encryption keys. In addition, steps are taken to detect intrusions in combination with a sophisticated user management and authentication system. Levels of access can be set up to define the roles and permissions required to obtain and maintain a high level of security. All logging activity is automatically recorded for compliance reporting and audit purposes. This article gives other references on open cloud computing security.