Cloud security: five considerations

1 April 2017 Infrastructure, Information Security

Being well-armed for the barrage of emerging cyber threats is essential as you plot your journey to enterprise cloud services. Here are the five biggest cloud security considerations:

AJ Hartenberg.
AJ Hartenberg.

1. Responsibility

Your cloud provider certainly has the responsibility to ensure top-notch security, at both a physical data centre level, and the protection of your data itself. But as a customer, you simply cannot shirk the overall responsibility – to select a secure cloud partner and platform, to ensure you comply with your industry’s data governance laws, and use the latest multi-factor authentication and encryption tools. Ultimately, legally speaking, the mandate of being the sole data trustee cannot be outsourced to your cloud provider.

2. Platform

Look at every aspect of the cloud platform you choose, such as the physical security systems used at the datacentres, the type of hypervisor that’s used to generate virtualised computing services, the APIs connecting services to each other, and more. Double-check that your cloud provider complies to local and international data security/privacy laws, as you conduct your thorough due diligence on their platform.

3. Network

Have you confirmed that your cloud provider can provide you with a secure online tunnel to its data centre? Have you vetted its data security controls, including the hashing of data? And is it conducting regular penetration tests on its network? These are certainly the kinds of questions you should be asking. Closer to home, you will need to evolve your own organisation’s local network to ensure that your network security operations are orchestrated to handle cloud migration.

4. Firewall

The latest advances firewall services can be found in Virtual Domains (VDOM) that segregate any unauthorised network traffic coming into your VLAN, leaving you with a clean, point-to-point connection to your cloud service provider. When used in combination with strong network security controls, the firewall is a powerful weapon in one’s arsenal of defence weapons.

5. Skills

As you build your cloud security capability, understand the most critical skills that are required (either in your in-house team or within the cloud service provider). Look at areas like compliance, risk management, data laws, communication, encryption, penetration testing, and network security. Conduct regular vulnerability assessments that include a skills matrix, to understand and address any gaps in expertise.

For more information contact T-Systems South Africa, +27 (0)11 254 7789, [email protected]





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Upgrade your PCs to improve security
Information Security Infrastructure
Truly secure technology today must be designed to detect and address unusual activity as it happens, wherever it happens, right down to the BIOS and silicon levels.

Read more...
The hidden cost of cheap networking gear
Duxbury Networking Infrastructure
When it comes to building a network, price is always a consideration, especially in the current economic climate, but there is a difference between smart spending and short-term savings with long-term losses.

Read more...
Open source code can also be open risk
Information Security Infrastructure
Software development has changed significantly over the years, and today, open-source code increasingly forms the foundation of modern applications, with surveys indicating that 60 – 90% of the average application's code base consists of open-source components.

Read more...
Fastest PCIe Gen 5.0 NVMe SSD
Products & Solutions Infrastructure
Sandisk has unveiled the WD_BLACK SN8100 NVMe SSD with PCIe Gen 5.0 technology, an internal SSD delivering speeds up to 14 900 MB/s and capacities up to 4 TB, with 8 TB solutions available soon.

Read more...
SA’s strained, loadshedding-prone grid faces cyberthreats
Power Management Information Security
South Africa’s energy sector, already battered by decades of underinvestment and loadshedding, faces another escalating crisis; a wave of cyberthreats that could turn disruptions into catastrophic failures. Attacks are already happening internationally.

Read more...
Unified storage solution
Products & Solutions Infrastructure
CASA Software has announced the local availability of Nexsan’s upgraded unified storage solution, Unity NV4000, which is ideal for mixed workloads, from virtualisation and video surveillance to secure backup and recovery.

Read more...
Almost 50% of companies choose to pay the ransom
News & Events Information Security
This year’s Sophos State of Ransomware 2025 report found that nearly 50% of companies paid the ransom to get their data back, the second-highest rate of ransom payment for ransom demands in six years.

Read more...
Suprema unveils BioStar Air
Suprema neaMetrics News & Events Access Control & Identity Management Infrastructure
Suprema launches BioStar Air, the first cloud-based access control platform designed to natively support biometric authentication and feature true zero-on-premise architecture. BioStar Air simplifies deployment and scales effortlessly to secure SMBs, multi-branch companies, and mixed-use buildings.

Read more...
Back-up securely and restore in seconds
Betatrac Telematic Solutions Editor's Choice Information Security Infrastructure
Betatrac has a solution that enables companies to back-up up to 8 TB of data onto a device and restore it in 30 seconds in an emergency, called Rapid Access Data Recovery (RADR).

Read more...
Advanced surveillance storage from ASBIS
Infrastructure Surveillance Products & Solutions
From a video storage solutions perspective, SkyHawk drives, designed for DVRs and NVRs, offer high capacity, optimised firmware, and a reliability workload rating of hundreds of terabytes per year.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.