Cloud security: five considerations

1 April 2017 Infrastructure, Information Security

Being well-armed for the barrage of emerging cyber threats is essential as you plot your journey to enterprise cloud services. Here are the five biggest cloud security considerations:

AJ Hartenberg.
AJ Hartenberg.

1. Responsibility

Your cloud provider certainly has the responsibility to ensure top-notch security, at both a physical data centre level, and the protection of your data itself. But as a customer, you simply cannot shirk the overall responsibility – to select a secure cloud partner and platform, to ensure you comply with your industry’s data governance laws, and use the latest multi-factor authentication and encryption tools. Ultimately, legally speaking, the mandate of being the sole data trustee cannot be outsourced to your cloud provider.

2. Platform

Look at every aspect of the cloud platform you choose, such as the physical security systems used at the datacentres, the type of hypervisor that’s used to generate virtualised computing services, the APIs connecting services to each other, and more. Double-check that your cloud provider complies to local and international data security/privacy laws, as you conduct your thorough due diligence on their platform.

3. Network

Have you confirmed that your cloud provider can provide you with a secure online tunnel to its data centre? Have you vetted its data security controls, including the hashing of data? And is it conducting regular penetration tests on its network? These are certainly the kinds of questions you should be asking. Closer to home, you will need to evolve your own organisation’s local network to ensure that your network security operations are orchestrated to handle cloud migration.

4. Firewall

The latest advances firewall services can be found in Virtual Domains (VDOM) that segregate any unauthorised network traffic coming into your VLAN, leaving you with a clean, point-to-point connection to your cloud service provider. When used in combination with strong network security controls, the firewall is a powerful weapon in one’s arsenal of defence weapons.

5. Skills

As you build your cloud security capability, understand the most critical skills that are required (either in your in-house team or within the cloud service provider). Look at areas like compliance, risk management, data laws, communication, encryption, penetration testing, and network security. Conduct regular vulnerability assessments that include a skills matrix, to understand and address any gaps in expertise.

For more information contact T-Systems South Africa, +27 (0)11 254 7789, [email protected]





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Data resilience at VeeamON
Technews Publishing SMART Security Solutions Infrastructure Information Security
SMART Security Solutions attended the VeeamON Tour in Johannesburg in August to learn more about data resilience and Veeam’s initiatives to enhance data protection, both on-site and in the cloud.

Read more...
Troye exposes the Entra ID backup blind spot
Information Security Infrastructure
If you trust Microsoft to protect your identity, think again. Many organisations naively believe that Microsoft’s shared responsibility model covers Microsoft Entra?ID – formerly Azure AD – but it does not.

Read more...
Secure data protection without hardware lock-in
Infrastructure Information Security News & Events
New Veeam Software Appliance empowers IT teams to achieve instant protection with Veeam’s fully preconfigured, software-only appliance, delivering enterprise-ready simplified deployment and operational efficiency, robust cyber resilience.

Read more...
Hytera supports communication upgrade for Joburg
News & Events Infrastructure Government and Parastatal (Industry)
By equipping Johannesburg’s metro police and emergency services with multimode radios which integrate TETRA and LTE networks, Hytera is bridging coverage gaps and improving response times across the city.

Read more...
Combining TETRA or DMR with 5G broadband
Infrastructure IoT & Automation
As enterprises face rising complexity and connectivity demands, hybrid networks offer a transformative path, combining the proven reliability of TETRA or DMR with the innovation and coverage of 5G broadband.

Read more...
Questing for the quantum AI advantage
Infrastructure AI & Data Analytics
The clock is ticking down to the realisation of quantum AI and the sought-after ‘quantum advantage’. In many boardrooms, however, quantum remains mysterious; full of promise, but not fully understood.

Read more...
The growing role of hybrid backup
Infrastructure Information Security
As Africa’s digital economy rapidly grows, businesses across the continent are facing the challenge of securing data in an environment characterised by evolving cyberthreats, unreliable connectivity and diverse regulatory frameworks.

Read more...
Choicejacking bypasses smartphone charging security
News & Events Information Security
Choicejacking is a new cyberthreat that bypasses smartphone charging security defences to confirm, without the victim’s input or consent, that the victim wishes to connect in data-transfer mode.

Read more...
Most wanted malware
News & Events Information Security
Check Point Software Technologies unveiled its Global Threat Index for June 2025, highlighting a surge in new and evolving threats. Eight African countries are among the most targeted as malware leaders AsyncRAT and FakeUpdates expand.

Read more...
IoT-driven smart data to stay ahead
IoT & Automation Infrastructure AI & Data Analytics
In a world where uncertainty is constant, the real competitive edge lies in foresight. Businesses that turn real-time data into proactive strategies will not just survive, they will lead.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.