“There’s no fu%^ing way I’m putting any company data in any public arena. It’s way too dangerous!”
“Calm down dear, it’s only progression.”
So, let’s start with the standard bloggers template of a Wiki definition: “Security is the degree of protection against danger, damage, loss, and crime.”
Talking with enterprises daily, reassurance of a secure environment is close to the top of everyones ‘need to know’ when conversation turns to Cloud, be it Big Data, Social Collaboration, SaaS, PaaS, IaaS or whatever todays ill-educated marketers have conjured up in their cauldron of hysteria.
With the possibility of your corporate data on the same physical hardware as others (it could even be your greatest rivals, that’s the luck of the draw folks!), not knowing exactly where your data is can be a little bit of a creepy minefield for the non informed. And it’s this exact lack of understanding which fuels the disbelievers of all things new. In many cases Cloud Computing is a MORE secure way of accessing and stockpiling your enterprise data. Just because your data’s stored in a place where you have better control doesn’t guarantee to make it more secure than a restricted Cloud environment. In fact only a few elite enterprises can justify the cost of securing their network in the way a Cloud supplier can.
I’ve worked with some of the largest enterprises in the world, and believe me internal security the majority of the time is poor when you really get to understand the environment!
So this leads me gracefully into the question, “What are the most common enterprise security breaches?”
Sad but not surprising, it’s the internal staff aka your company employees. They download trial/ shareware/ evaluation/ free software, basically dodgy files from the Internet that contains viruses and Trojans. Lack of a secure password policy because business users “find it hard to remember an ever changing dizzy sting of text, numbers and other bizarre symbols”. Just as bad, they send around emails with highly sensitive information attached! And if you think that this is not your company you’re wrong, every company does it to a degree.
Other issues can be down to I.T departments not properly supporting their own internal networks through software patch management and virus protection. On top of all that you have the light-fingered employee who feels obligated to take hardware home with him/her.
These are the most common ways in which networks get attacked. Most of which Cloud eliminates by enforcing official, strict guidelines and procedures in place to counter the majority security concerns.
But it’s not all a bed of roses. Security for the enterprise on the Cloud is a SHARED responsibility. The higher up the Cloud ‘stack’ you embrace, the less SHARED responsibility is placed on your enterprise.