THANK YOU FOR SUBSCRIBING
Cloud computing security differs mainly from businesses to businesses, but its primary goal is the protection of data and control of access to that data.
Fremont, CA: Cloud computing security engulfs the practices, technologies, controls, and applications leveraged to protect cloud computing environments. These security measures are curated to protect data, services, applications, and the related infrastructure in the cloud from internal and external threats, meanwhile safeguarding users’ privacy and allowing and maintaining compliance with all applicable rules and regulations. Although cloud computing security requires to vary widely from business to business, the primary goal is the safeguarding of data and the supervision of access to that data. With more businesses taking advantage of cloud computing and enjoying the reduced cost of doing business, increased agility, and the caliber to instantly scale, they must ensure that they consider security straight from the get-go and choose the correct kind and level of security to prevent data loss and leakage actively.
The Benefits of Cloud Computing
Cloud computing, or the distribution of IT services over the internet, needs a unique set of considerations than the traditional on-premises security. In the past, enterprise security meant surrounding the enterprise applications and data with firewalls and managing the endpoint devices that operated in those firewalls, and it was a model generally referred to as a “walled garden.” But this model is essentially incompatible with cloud computing, which by definition, needs data to move beyond the enterprise perimeter. Before, the focus was substantially on preventing malware. But today, with managed and unmanaged devices pushing data to the cloud—and with data passing from one cloud to another—the security considerations have changed dramatically.
There are three categories of cloud computing security controls:
1. Deterrent/Preventative Controls- Preventative controls work to lessen vulnerabilities, like through strong user authentication that positively pinpoints cloud users and aids eliminating the access pathways for unauthorized users. Deterrent controls, a subset of preventative controls, works less as a fence and more as a “No Trespassing” sign, letting those attempting to attack the cloud system know that doing so will bring consequences.
2. Detective Controls- These controls are created to find and address in-progress threats. Depending on the kind of attack, these controls will deploy either the corrective or preventative controls to eliminate the threat. Examples of detective controls include system/network security monitoring, such as intrusion detection and prevention.
3. Corrective Controls- These controls focus on damage control and remediation, either while an attack is in progress or after it has occurred. Rollback remediation that aids in restoring systems affected by ransomware is one example of a corrective control.
See also: Top Enterprise Security Companies