Cloud computing and other cloud-related words are the talk of the IT world right now. Businesses frequently flirt with the concept, but some shy away from the cloud when they consider the perceived security weaknesses. According to a CSO survey, business executives are reluctant to jump into the cloud because they feel as though they do not understand cloud security.
The basic assumption about cloud computing is that it inherently invites the same security problems that any form of web hosting would, while also leaving you at the mercy and whims of the cloud service provider. Both are true. With cloud computing, your platform and/or services are hosted, and your service provider ultimately controls the strength of the system’s security. Because of that reality, the security strength you enjoy differs from one service provider to another.
Cloud computing has attracted millions of users in consumer and enterprise markets, which means that people all over the world use the cloud every day at work and at home. Despite its ubiquity, the cloud is still relatively unregulated, leaving it up to the service provider to determine the quality and safety of the available services. This has prompted some policy makers to call for worldwide cloud security regulations, something that would require government consensus and service provider compliance.
Ultimately, it is up to you to determine if a cloud service provider has secure data centers, servers, and software. That requires investigation of the services and research about the technology the providers use. Just as you would research the security of commercial software, so too must you evaluate cloud software based on similar standards.