Cloud not a security cure-all

Cloud not a security cure-all

IT security is absolutely essential, as the current digital environment is populated by attackers seeking to break into private systems. Some leaders may believe the cloud provides a way out of security requirements, allowing them to place documents in the hands of third parties and out of their own control. According to ZDNet contributor Steve Ranger, this opinion is mistaken and widespread enough that the U.K. Information Commissioner's Office has issued a statement and set of guidelines designed to counter it.

Protection still needed
According to Ranger, the ICO announcement is meant to make sure companies look after their data after placing it in the cloud. Some leaders may believe data protection laws no longer apply. However, restrictions like the U.K. law that requires some data to remain within the European Economic Area are still relevant. IT managers need to acquire cloud computing contracts with specific conditions laid out and a focus on security issues.

Ranger noted that the ICO guidelines went into detail about security conditions companies may overlook when placing information in the cloud. Firms should become as informed as possible about the security standards at a chosen provider, as they are still responsible for fines and legal action if the cloud company loses track of personal information. Penetration testing and other assessments are appropriate security measures, no matter the balance of cloud and on-premise storage.

The private cloud expands
Companies hoping to gain the cloud's benefits but in need of certainty on security issues may choose to deploy a cloud for their private use. According to Gartner, however, these systems are not destined to stay closed forever. The source stated that many companies working in the private cloud will, in the near future, either add public cloud services in a hybrid model or go entirely public.