Cloud Security: What It Is (and What It Isn’t)
The cloud seems to be on everyone’s mind these days. If you’ve been considering how to make the leap to cloud computing, you’ve also had to start thinking about how to extend security to this new technology environment. Despite potential savings in infrastructure costs and improved business flexibility, security is still the numberone barrier to implementing cloud initiatives for many companies. Security challenges in the cloud are familiar to any IT manager—loss of data, threats to the infrastructure, and compliance risk. What’s new is the way these threats play out in a cloud environment.
Cloud Security Is ...
The response to a familiar set of security challenges that manifest differently in the cloud. New technologies and fuzzier boundaries surrounding the data center require a different approach. A set of policies, technologies, and controls designed to protect data and infrastructure from attack and enable regulatory compliance. Layered technologies that create a durable security net or grid. Security is more effective when layered at each level of the stack and integrated into a common management framework. The joint responsibility of your organization and its cloud provider(s). Depending on the cloud delivery model and services you deploy, responsibility for security comes from both parties.
Cloud Security Isn’t …
A one-size-fits-all solution that can protect all your IT assets. In addition to different cloud delivery models, the cloud services you deploy will most likely require more than one approach to security. A closed-perimeter approach or a “fill-the-gap” measure. Organizations can no longer rely on firewalls as a single point of control, and cobbling together security solutions to protect a single vulnerability may leave you open in places you don’t suspect. Something you can assume is provided at the level you require by your cloud service providers. Make sure you spell out and can verify what you require.
Cloud computing security is a broad topic with hundreds of considerations—from protecting hardware and platform technologies in the data center to enabling regulatory compliance and defending cloud access through different end-point devices. The focus of this planning guide is to provide you with suggestions and
recommendations for strengthening data and platform protection in your cloud implementations. The remainder of this guide walks you through seven key steps that will help you plan your cloud security from the ground up.
Intel IT Center Planning Guide | Cloud Security