The cloud security debate

September 2011 News & Events

Security is probably the biggest bane in an IT professional’s life, particularly in light of the number of high profile hackings that have taken place over the past few of months. Security breaches seem to be growing in both frequency and stature and this creates concern for any organisation.

Cloud computing and virtualisation are taking global markets by storm, but there are a number of concerns relating to security that are preventing organisations from fully embracing these technologies. “Companies are often nervous about cloud computing and the security of their data in the cloud, particularly in light of stringent corporate governance rules,” says Lizelle Christison, exhibition manager of IP EXPO at Montgomery Africa. “One of the major concerns is the lack of clarity around who is ultimately responsible for the security of their data once it has been moved into a cloud environment. Other concerns include confusion around the legalities of where the data is hosted and a general sense of loss of control over a company’s information, effectively the life-blood of their organisation.”

Lizelle Christison
Lizelle Christison

Cloud computing services are generally delivered in three different models, namely Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS) or Infrastructure-as-a-Service (IaaS). “The first two models typically place responsibility of data security on the shoulders of the service provider as they own most of the IT and security stack.”

Infrastructure-as-a-Service on the other hand lends itself more toward shared responsibility. “Here the service provider will provide some level of baseline security such as firewalls and load balancing, but the responsibility of securing the individual organisation’s data generally falls with the enterprise.”

This adds a new level of complexity to the negotiation of terms and agreements between organisations and their cloud service providers. “It is critical that terms and conditions of CSP agreements are carefully negotiated and checked to ensure that responsibilities in terms of security are adequately understood and met,” says Christison. Enterprises should also investigate additional security measures for their data in the cloud.

Security is one of the key issues that will be discussed at this year’s IP EXPO, taking place on 15 and 16 November at Sandton Convention Centre. “Security is one of the underlying themes that runs across the three seminar streams – IP Networks, Virtualisation and Cloud Computing – and will therefore come under scrutiny from a number of angles,” Christison concludes.

Hi-Tech Security Solutions is hosting a Security Debate on Day 2 of the IP EXPO, where a number of these issues will be debated among leaders in the security industry.

For more information, visit www.ipexpo.co.za





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
Phishing attacks through SVG image files
Kaspersky News & Events Information Security
Kaspersky has detected a new trend: attackers are distributing phishing emails to individual and corporate users with attachments in SVG (Scalable Vector Graphics) files, a format commonly used for storing images.

Read more...
Fully-integrated browser AI
News & Events
Opera Mini now provides all its smartphone users with its own free built-in browser AI, Aria, including AI chat, Ask Aria and image generation. According to an Opera survey, 80% of South Africans want AI tools integrated into their browser.

Read more...
Amendments to the Private Security Industry Regulations
Technews Publishing Agriculture (Industry) News & Events Associations
SANSEA, SASA, National Security Forum, CEO, TAPSOSA, and LASA oppose recently published Amendments to the Private Security Industry Regulations regarding firearms.

Read more...
Local innovation driving excellence in FM
Securex South Africa News & Events
As organisations seek cost-effective, sustainable, and high-quality solutions, home-grown facilities management innovation is proving to be a critical driver of operational efficiency and long-term success.

Read more...
PIV-ready High Sec Controller 7000
News & Events
Gallagher Security announced the release of the latest addition to its controller product range; the High Sec Controller 7000, which incorporates all the core functions of the C7000 Standard variant released less than 18 months ago.

Read more...
The impact of GenAI on cybersecurity
Sophos News & Events Information Security
Sophos survey finds that 89% of IT leaders worry GenAI flaws could negatively impact their organisation’s cybersecurity strategies, with 87% of respondents stating they were concerned about a resulting lack of cybersecurity accountability.

Read more...
Lack of optimism for African economy
News & Events
African Leadership University publishes the 2025 Africa Workforce Readiness Survey, which shows that only 21% of South African employers are optimistic about the future of the country’s economy, the lowest of any country polled.

Read more...
From the editor's desk: What’s a trillion between friends?
Technews Publishing News & Events
Back in the bad old days of 2015, some (who didn’t want to take the blame for coming up with that number) estimated the amount of money lost to corruption by the South African government to be around ...

Read more...
Closing physical security loopholes
Securex South Africa News & Events
Relying on outdated physical security measures can expose businesses and facilities to threats in today’s fast-evolving security landscape. Fortunately, advances in security technology are helping organisations stay ahead of threats by closing critical security gaps.

Read more...