The number of CIOs giving a serious thought to the Cloud and actually migrating their mission-critical data to the Cloud is an indication that the risk associated with the Cloud is just a perception, a myth that must be exploded.  The Cloud is not risky as it is made out to be.

Much of the skepticism about the Cloud stems from a feeling that the Cloud is not secure.  The feeling cannot be dismissed.  No one can really feel secure when enterprise data is being stored on third party repositories on a remote server, whose location remains a mystery to the CIO.  Therefore, it is no wonder that security ranks highest on the list of discomforts that CIOs experience when entrusting their data to Cloud servers.

How do Cloud vendors address these issues and how are they successfully wooing customers?

The Cloud vendor holds out two software level promises to their end users.  First, the data that is transmitted to the Cloud and stored in the repositories will be encrypted.  The encryption key can be user defined and secured by the user at their end.  It follows that the vendor and his staff will have no way of decrypting the data stored on the server.

Second, the vendor software agent interface facilitates, the implementation of user defined access policies and the assignment of specific rights and permissions to authorized users. This cannot be overridden by the vendor from the Cloud data center or by anyone operating from outside the system.

Third, the Cloud vendor promises the end user physical security of the data center.  The service level agreement (SLA) provides a detailed list of all the physical security measures that will be taken by the vendor to prevent unauthorized access to the data center.

Fourth, Cloud vendors offer state of the art disaster recovery systems.  They mirror, replicate end user data, and provision for failovers so that data remains highly available and recoverable at all times.

In short, Cloud vendors:

  1. Use State-of-the-art security and compliance technologies
  2. Harness the power of Third party tried and certified encryption and automation measures
  3. Create physical restrictions to access in Cloud data centers
  4. Offer reliable backup and disaster recovery

To sum it up, security on the Cloud is locked down tighter than your own on-premises systems.  Businesses and their very existence in the market place depend on it!