Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Need for caution with cloud computing security

Global Secure Systems (GSS) : 02 October, 2008  (Technical Article)
Changing corporate IT infrastructure requires cautious approach to security measures despite high profile cases of adoption of new technologies
Global Secure Systems (GSS) says that Oracle's decision - announced at its World Forum last week - to license its technology for use in Cloud Computing environments, shows that the future of corporate IT is changing.

'Oracle's decision to license its 11g database, its middleware and management tools, starting with the Amazon's Elastic Compute Cloud (EC2), is an indicator of how quickly corporate IT is changing,' said David Hobson, GSS' managing director.

'What we are noticing is that our customers are starting to ask how their corporate data can be cloud-enabled and, of course, whilst the process seems simple enough, there are a significant number of security and IT considerations to plan ahead for,' he added.

According to Hobson, the consequences of porting the company database and other information to a service like Amazon's EC2 needs to be carefully planned at all levels, not least because of the security considerations.

Cloud computing, he said, raises a number of security issues for any organisations that implements it. 'For example, who and where is data being held? The Data Protection Act is pretty clear that you cannot just export data without appropriate controls,' he said, adding that he was at an event last week where the FSA presented on the issue of data security.

'In the FSA's opinion, data security is now the biggest financial crime risk. They estimate the cost to UK business to have been around the £1.7 billion mark last year,' he explained.

Hobson went on to say that there is also the issue of corporate governance guidelines laid down by the Data Protection Act, The Companies Act 2006 and - if firms do business with US corporates - the Sarbanes Oxley Act.

'You can't simply sign the company up to a Cloud Computing environment and not consider all these points. Policy decisions and security issues need to be carefully considered - even down to discussing the move to Cloud Computing with your professional indemnity insurer - as unless you can prove you have taken the required planning and security steps, your business insurance policy may be invalid if a data breach occurs,' he noted.

Against this backdrop, Hobson advises severe caution on the Cloud Computing front, at least until a company has carried out a full risk analysis on the technology, and implemented a cloud-enabled IT security framework.

'Having said this, it's clear that Cloud Computing is where the future of corporate data access and computing lies, so companies need to start making the necessary planning now, in order to cope with what will be a sea change in their IT security needs,' he said.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo