01/26/11
Common Concerns That People Have When Considering Using Cloud Computing
- How Do I Ensure That My Data Is Safe and Secure Out in the Cloud?
- How Do I Get the Benefits of Cloud Computing without the Worries of Data Being Stolen or Compromised?
For corporations, the cloud can be a dangerous place where competitors and strangers may share the same physical servers, storage, and data paths. Cloud service providers must provide the proper security
mechanisms to ensure that customer data is safe and secure and that no one else can intentionally or inadvertently get that data.
Cloud Computing Implications and Requirements
Let's examine the implications of cloud computing and what is required to make cloud computing safe and secure:
1. Cloud computing means that physical computing resources are shared among customers. Cloud service providers must ensure that each customer's data is safe and secure on servers, in storage, and in transit.
2. Cloud computing makes all access remote. Users inside the corporate LAN are now all remote users. To ensure that only authorized users can access certain cloud computing resources,
each user should have a separate and secured communication path.
3. All end point devices must be checked for security compliance and all users must be authenticated and authorized before access to the
cloud resources is granted.
Traditional point solutions for security defense (network firewalls, IPS, IDS, anti-virus, etc.) are no longer effective in securing enterprise applications in an open environment where physical
computing resources and data center LAN infrastructure are shared among customers.
In order to meet the requirements identified above, cloud computing services must have end-to-end security that:
1. Protects server data (at rest) against theft and unauthorized access
2. Protects data in transit between servers and all the way to client end points
3. Ensures client end points are clean and not open to intrusion. These end points must be inspected before access to the cloud resources is allowed, with a comprehensive end-point security check to ensure that only authorized people and devices get access and that the client ends are free of viruses and malware. This includes end-point security compliance, end-point/user authentication, user-based granular access control, data leakage prevention,
logging and audit, and data cleanup.
This means that only authorized users and security-compliant devices are allowed to access servers and storage in the cloud, each user and device should have a separate and secure communication path, and the
cloud computing resources must be secured as well. This forms an airtight, secured cloud computing environment for each customer.