If you use the Cloud, you need Cloud security
Cloud computing exposes your organization to a host of security risks. Make sure you’re protected.
As more and more organizations leverage Cloud services, Cloud security is an ever-growing concern. If Cloud IT services are not well-secured and managed, major security risks can arise. It’s crucial to consider the overall strategy before embarking on a Cloud IT services initiative. When Cloud IT services are deployed thoughtfully, rooted in thorough planning and a comprehensive understanding of the technology, organizations stand to benefit greatly from this innovative technology.
AgilePath’s approach to Cloud security and Cloud IT services is outlined in our whitepaper, “A Pragmatic Cloud Computing Reference Model.” This approach is, as the title suggests, based on a pragmatic approach to Cloud computing architecture, relying on quality planning and strategy. Below are some of the key points of our Cloud computing philosophy:
- Cloud Governance, Culture and Behavior: Cloud governance is an emerging requirement of Cloud computing, and encompasses a broad set of business and technical requirements, from the planning and architecture process through the design-time considerations of Cloud computing, functional and non-functional requirements analysis, and the actual process of onboarding your enterprise onto a cloud (internal, public or hybrid), and the critical monitoring and operational requirements of Cloud once you have successfully deployed. Culture and behavior are also addressed in this sub-model, as successful Cloud computing deployments must explicitly recognize the cultural and behavioral requirements to achieve success with Cloud as a trust-based architectural approach.
- Security and Privacy: A hot topic, Cloud security and privacy focuses on challenges of data security, privacy, regulatory compliance for privacy, as well as data integrity, physical and logical security, and all other related security requirements for services, applications, and interactions in a Cloud ecosystem. The choice of Cloud deployment models will in many respects help constrain your Cloud security challenges.
- Management and Monitoring: Cloud management and monitoring focuses on the instrumentation and tooling necessary to monitor and manage your Cloud, whether your deployment is an internal private cloud, or whether you are leveraging third-party external clouds from Amazon or Salesforce.com, or deploying hybrid integrated Clouds. Either way, you must be able to integrate and automate the monitoring, performance management, alarming and alerting of Cloud events and performance metrics in order to respond to outages, performance degradations, and related operational concerns.
- Operations and Support: Cloud operations and support focuses on the post-deployment phases of the Cloud Lifecycle Model, and is poorly understood in the context of Cloud operations and support. While many of these processes can be adapted from current ITIL, COBIT and other IT management frameworks, you will also need to leverage your current data center and IT support, help desk and operations processes and adapt them based on your chosen Cloud deployment model. Operations and support for hybrid and public clouds will be a fast-moving area of emphasis, and you must spend appropriate time understanding the operations and support requirements based on the Cloud deployment, based on which Cloud enablement tiers and cloud patterns you intend to exploit.