Monday, October 31, 2011 5:06:39 PM
While the benefits of cloud computing continue to flood the discussions of IT sector professionals, security concerns remain among the largest impediments to more broad reaching adoption. KSEE24 News, a local NBC-affiliate news provider, recently published an article explaining some of the best practices for staying safe online and while using cloud-based services.
Many of the security concerns stem from the actual benefits of the service, such as flexibility and availability of data for users. The source notes that if users take advantage of the services without first assessing the unique security requirements they entail, it could end up a potentially disastrous situation.
"People want to be able to access their applications not just from their computer, but from their phones, tablets, etc.," chief technology officer of a Miami, Florida-based cloud solution implementation provider, told the news provider. "And if they're using the same user ID and password everywhere, they're going to run into trouble."
The news provider recommends users implement cloud security programs, such as Security-as-a-Service, to ensure the safety of their records. For workers who use cloud services to operate remotely, encryption practices are key, the source asserts. One of the most common types of encryption, end-to-end, can be viewed as a perfect solution when using cloud based systems. End-to-end encryption involves the sender and recipient of data de-encrypting and then once again encrypting data, automatically, upon viewing the information contained therein. This ensures that the middle man, and transmission process of data in general will be safe at all points.
For individuals that use cloud services on their mobile devices, the news provider advises them to always click "Don't Allow" when a website asks to track your location. By disabling the GPS capabilities, the data is inherently safer.
For further guidance on safe internet and cloud computing practices, the Federal Trade Commission and other regulatory entities offer advice via their websites. Additionally, the Cloud Security Alliance recently developed the Security, Trust and Assurance Register. According to the CSA, STAR will work as a template for providers to describe their practices, security specifications and more.
In the end, the CSA hopes STAR will help standardize the cloud computing industry, while also providing prospective consumers with a means of assessing vendors and ultimately making the right decision. STAR is expected to be released to the public by the end of this year.
-McAfee Cloud Security