..::You can change the world with the knowledge::..

Security and Privacy Aspects in cloud computing

It's all that matters. Before a company / organization benefit from cloud computing, there are several aspects relating to Security and Privacy below that must be considered:

1. Risk Management and Compliance - organizations are starting to adopt the cloud still be responsible for aspects of security management, risk, and compliance with the rules applicable in the related industry. Risk and compliance management requires a strong internal team and the transparency of the process of cloud service providers.

Recommendation: cloud service providers have to use some or best practice frameworks such as MOF, or ITIL, and have certifications such as ISO / IEC 27001:2005, and publish the audit report to the SAS 70 Type II. In addition, according to provisions of a state, may also have to adhere to the PCI or FISMA.

2. Access and Identity Management - Identity can be obtained through some cloud service providers, and must be interoperable between different organizations, different cloud providers, and based on strong process.

Recommendation: Authentication is recommended to use several factors at once, such as biometrics, one time password tokens (such as token BCA), ID card with a chip, and a password.

3. Integrity of Service - cloud-based services must be built with a foundation of strong security, and operational processes must also be integrated with security management in the organization. The cloud service provider must follow the process that can be proven, well-defined, and clearly in integrating security and privacy in services ranging from the earliest point, at any point in the cycle, until the final. Besides security management and auditing must be aligned between cloud providers and customers.

Recommendation: Use such certification EAL4 + (for security evaluation), SDL (for application development), ISO / IEC 18 044 (for incident response)

4. Integrity Client - cloud services that are used on the client side should pay attention to aspects of security, compliance, and integrity on the client side. Integrity client can be improved by using a combination of best practices.

Recommendation: Strengthen the desktop system, make sure the health of desktop systems, apply the appropriate IT policy, identity federation, Network Access Protection and so on.

5. Information Protection - Services cloud requires a reliable process to protect the information before, during, and after the transaction. Take advantage of data classification to improve the control of the data is ready to be released into the clouds.
Recommendation: Use encryption technology and information rights management (IRM) prior to data released to the cloud.


If an interested company to implement cloud services, here are some tips:
Start with small things first, such as utilizing cloud services as below: Email, Calendars, Contact, Messenger, Storage, Document / Productivity, Photo, Group, News / Sport / Wheather, Synchronization Devices (live mesh), Family Safety, Mobile, Map
Map business requirements to a cloud service, do not do the opposite.
Not necessarily cheaper cloud services, calculate the overall cost if the system is used in full. Compare with the local system (on premise), and also studied the possibility of combining the cloud service with local system
Make the process of socialization and learning about cloud services to all employees in the company
Study the possibility of technical issues such as interoperability, architecture, and integration. Make sure that the format of files created through the cloud services are also exactly the same as a local application on the client side


Daniel said...

Thanks for sharing information very helpful.
cloud computing providers

...::DieBrie::... said...

goog blog,, keep sharing

Briyani Missisipi said...

Good information.

Mandeep Cables said...

Cat6 Cable Manufacturers Supplier

We have gained a huge popularity in the market by offering excellent quality assortment of Cat6 Cable Manufacturers Supplier. These are manufactured from high grade raw materials and latest technology by our expert team. Best quality and low prices we are supplier. Call us +91 98990 00668.


Keerthi said...

You made some decent factors there. I looked on the internet for the difficulty and found most individuals will associate with along with your website.Keep update more excellent posts.

Cloud Computing Training in Chennai | SAS Training in Chennai

Dbcomp said...

Good to see these helpful information here, Thanks lots for sharing them with us.
Networking Security
Sage 50 Training

Tegan Randall said...

Nice read
cloud server providers

Help Adya said...

Hey, that’s really a good post on pets for sale in Delhi, i really like your blog as the information is very useful if you are a pet lover. Well, there is one more site for the same service www.helpadya.com you should check it for more detail.

ibrahim ammar said...

Free games العاب طبخ new amd free

هنالك نوع منتشر جدا اسمه العاب بنات هو العاب يخص البنات هي العاب حب

Dbcomp said...

I read your post and I really like it, Thanks for sharing useful information....

networking security
sage training

Mandeep Cables said...

Networking Cable Manufacturers and Suppliers

Mandeep Cables are a leading wire and cable manufacturers company. That is engaged in manufacturers and suppliers of a wide range of networking cable. That are manufacturer from a high grade of raw materials and using modern technology. Call Us-91 9560718414.

Help Adya said...

Hi found your blog content very strong I realized after reading Internet services in Delhi blog, really such useful information aboutInternet services in Delhi Demand for classifieds is increasing day by day with fast pace. I like the information on your blog there is another classified website for same services www.helpadya.com.

ethernet cord said...

Thanks for the great post. Pretty good post. I just stumbled upon your blog and wanted to say that I have really enjoyed reading your blog posts.

joseph taxton said...

It is a business that provides servers or computers for your website to actually reside in VPS Malaysia | Professional Hosting Services |SLA.

David Smith said...

Its Very valuable post for everyone & really I read and like this article.

Direct Mail Real Estate Marketing
Direct Mail Letter

tom hardy said...

Networking Related..In This site we write about Cisco examination,Cloud computing,Amazon web services,Big Data analytics,Computer networks and more ...

Kumar Ranjan said...


Post a Comment

Powered by Blogger.
== Friends & Link ==



Blog Top Sites