Security concerns over cloud: Are they unfounded?
The advantages for organisations adopting the cloud are undeniably many: cost savings, business agility and better productivity amongst employees who use a multitude of computing devices. According to IDC’s 5th annual survey of end-users, regional CIOs in Asia Pacific increased their spending on public cloud services and technologies in 2013 by 50 percent to US$7.5B. They are also more specific about which types of cloud models they will use and the workload that will run on the cloud. IDC notes in their recent Vendor Spotlight paper, this move adds level of complexity especially the management of applications – where should the myriad of apps reside, do they have skill sets to ensure adequate level of security and growing network.
Despite the significant number of ‘pros’, all it takes is one deadly and encompassing ‘con’ to deter enterprises from moving to the cloud; and it is one that many organisations globally and in Asia place top priority on: Security!
Most will think that the cloud is less secure than the traditional data center, or that there aren’t fantastic solutions designed to address specific security concerns such as data leaks. It’s not true. It is the loss of control that hinders the end-user’s peace of mind.
Despite the hesitation about cloud computing however, it in fact, consists of more layers of security than traditional data centers.
Cloud service providers are motivated to offer the best security as their own business as their reputation is at stake. They often invest in specific technology and employ dedicated professionals, to ensure the highest ability to mitigate security breaches. There are also increasing amounts of cloud security and compliance data protection laws to help assuage organisations should unforeseeable attacks happen.
Still, when CIOs choose to move applications from their own data centres out to the cloud, they are relinquishing part of their control over their entire data protection. This is why, apart from having faith in having chosen a good cloud service provider, CIOs need to enhance their security where they can — within the application layer.
This is where F5 excels, helping organisations to consolidate security and access policies at the application layer using Security Assertion Markup Language (SAML) to exchange authentication and authorization data between parties. Afterwhich, they can consistently enforce policies and ensure vital services are available to users — across applications and environments – making cloud-based deployments simpler and inherently more secure.