High-profile outages, apprehension about data security, and compliance questions make many enterprises wary about moving mission-critical workloads to the cloud.
Yet, the flexibility, efficiency, and geographically dispersed nature of the cloud may make it a cost-effective disaster recovery/business continuity option for organizations, large and small.
There is more than a little push/pull element to the cloud. Businesses are drawn to the flexibility, lower cost, and simplicity which the on-demand model promises. However, there is enough mystery in the cloud to raise questions about security, as well as enough headline-making outages to put up red flags about stability. Incidents such as Amazon Web Services’ twin outages this past summer, which impacted both small customers and marquee businesses such as Netflix, make customers of all sizes wary about the cloud.
Pay attention to basic security procedures and attitudes
Explore quantifying the risk from an insurance perspective
Most attacks on most networks could be defeated with just four key strategies according to this year’s winner of the SANS Institute 2011 US National Cybersecurity Innovation Award – Australia’s Defence Signals Directorate: patching applications and always using the latest version of the software, keeping operating systems patched; keeping admin rights under strict control (and forbidding the use of administrative accounts for e-mail and browsing); and whitelisting applications. The basis of these recommendations is that security is a behavioral problem, not a technical problem. In other words, if users don’t have the basic security procedures and the right attitude, no amount of technology investment is going to create the needed security. Continue reading “KISS Your Security Measures”→