Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Cloud security: five considerations

1 April 2017 Infrastructure, Information Security

By AJ Hartenberg, portfolio manager: data centre services at T-Systems South Africa.

Being well-armed for the barrage of emerging cyber threats is essential as you plot your journey to enterprise cloud services. Here are the five biggest cloud security considerations:

AJ Hartenberg.
AJ Hartenberg.

1. Responsibility

Your cloud provider certainly has the responsibility to ensure top-notch security, at both a physical data centre level, and the protection of your data itself. But as a customer, you simply cannot shirk the overall responsibility – to select a secure cloud partner and platform, to ensure you comply with your industry’s data governance laws, and use the latest multi-factor authentication and encryption tools. Ultimately, legally speaking, the mandate of being the sole data trustee cannot be outsourced to your cloud provider.

2. Platform

Look at every aspect of the cloud platform you choose, such as the physical security systems used at the datacentres, the type of hypervisor that’s used to generate virtualised computing services, the APIs connecting services to each other, and more. Double-check that your cloud provider complies to local and international data security/privacy laws, as you conduct your thorough due diligence on their platform.

3. Network

Have you confirmed that your cloud provider can provide you with a secure online tunnel to its data centre? Have you vetted its data security controls, including the hashing of data? And is it conducting regular penetration tests on its network? These are certainly the kinds of questions you should be asking. Closer to home, you will need to evolve your own organisation’s local network to ensure that your network security operations are orchestrated to handle cloud migration.

4. Firewall

The latest advances firewall services can be found in Virtual Domains (VDOM) that segregate any unauthorised network traffic coming into your VLAN, leaving you with a clean, point-to-point connection to your cloud service provider. When used in combination with strong network security controls, the firewall is a powerful weapon in one’s arsenal of defence weapons.

5. Skills

As you build your cloud security capability, understand the most critical skills that are required (either in your in-house team or within the cloud service provider). Look at areas like compliance, risk management, data laws, communication, encryption, penetration testing, and network security. Conduct regular vulnerability assessments that include a skills matrix, to understand and address any gaps in expertise.

For more information contact T-Systems South Africa, +27 (0)11 254 7789, jane.wessels@t-systems.co.za





Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Service robot technology for residential complexes
Suprema AI & Data Analytics Infrastructure Residential Estate (Industry)
Suprema has signed a three-party memorandum of understanding (MOU) with Hyundai Motor Group Robotics LAB and Hyundai Engineering & Construction (Hyundai E&C) to collaborate on advancing residential complexes through service robot technology.

Read more...
Genetec launches Cloudlink 2210
Genetec Infrastructure Surveillance
New cloud-managed appliance addresses the practical challenges when adopting a cloud-managed model at scale, including storage costs, support for devices that do not enable direct-to-cloud connectivity, and the need to maintain local operation during connectivity disruptions

Read more...
AI projects are failing at alarming rates
AI & Data Analytics Infrastructure
As organisations around the world accelerate their investments in artificial intelligence, digital transformation and data analytics, a growing number of industry experts are warning that many companies are still approaching these initiatives in fundamentally flawed ways.

Read more...
Understanding the Shared Responsibility Model
Infrastructure Security Services & Risk Management
While the cloud can certainly be a growth enabler in many ways, it can also introduce new security risks. Companies want to have a clear understanding of where their security duties end and where their cloud service provider’s begin.

Read more...
NEC XON secures mobile provider’s hybrid identities
NEC XON Access Control & Identity Management Information Security Commercial (Industry)
For a leading South African telecommunications operator, identity protection has become a strategic priority as identity-centric attacks proliferate across the industry. The company faced mounting pressure to secure both human and non-human identities across complex hybrid environments.

Read more...
Cloud security in visitor management and access control
SA Technologies Access Control & Identity Management Infrastructure Residential Estate (Industry) Commercial (Industry)
Cloud has become the default platform for modern security operations, from visitor management portals and remote access control to incident logging, reporting, analytics, and integrations. But “in the cloud” does not mean “someone else is securing it for us”.

Read more...
Rise in malicious insider threat reports
News & Events Information Security
Mimecast Study finds 46% of SA organisations report a rise in malicious insider threat reports over the past year: reveals disconnect between security awareness and technical controls as AI-powered attacks accelerate.

Read more...
New campaign exploiting Google Tasks notifications
News & Events Information Security
New phishing scheme abuses legitimate Google Tasks notifications to trick corporate users into revealing corporate login credentials, which can then be used to gain unauthorised access to company systems, steal data, or launch further attacks.

Read more...
New commercial and technical appointments at Veeam
News & Events Infrastructure
Veeam Software has announced two senior appointments in its South African business as it continues to invest in local market growth and partner and customer engagement.

Read more...
What’s in store for PAM and IAM?
Access Control & Identity Management Information Security
Leostream predicts changes in Identity and Access Management (IAM) and Privileged Access Management (PAM) in the coming year, driven by evolving cybersecurity realities, hybridisation, AI, and more.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.