What is a Cloud + Company…
Cloud computing security or, more simply, cloud security is an evolving sub-domain of computer security, network security, and, more broadly, information security. It refers to a broad set of policies, technologies, and controls deployed to protect data, applications, and the associated infrastructure of cloud computing.
Cloud security architecture is effective only if the correct defensive implementations are in place. An efficient cloud security architecture should recognize the issues that will arise with respect to your organizations security management. Security management addresses these issues with security controls. Controls are put in place to safeguard any weaknesses in the system and reduce the effect of an attack.
While there are many types of controls behind a cloud security architecture, they can usually be found in one of the following categories:
- Deterrent controls – These controls are set in place to prevent any purposeful attack. Much like a warning sign on a fence or a property, these controls do not reduce the actual vulnerability of a system.
- Preventative controls – These controls upgrade the strength of the system by managing the vulnerabilities. The preventative control will safeguard vulnerabilities of the system. If an attack were to occur, the preventative controls are in place to cover the attack and reduce the damage and violation to the system’s security.
- Corrective controls – Corrective controls are used to reduce the effect of an attack. Unlike the preventative controls, the corrective controls take action as an attack is occurring.
- Detective controls – Detective controls are used to detect any attacks that may be occurring to the system. In the event of an attack, the detective control will signal the preventative or corrective controls to address the issue.
Organizations use the Cloud in a variety of different service models (SaaS, PaaS, and IaaS) and deployment models (Private, Public, and Hybrid). There are a number of security issues/concerns associated with cloud computing but these issues fall into two broad categories:
- Security issues faced by cloud providers (organizations providing software-, platform-, or infrastructure-as-a-service via the cloud).
- Security issues faced by their customers. data and applications are protected while the customer must ensure that the provider has taken the proper security measures to protect their information.
Authors world wide have pointed out that there is increasingly a market for information and a competition among cloud providers for information about security breaches in an effort to assist users in making a choice among providers. We are called Cloud Virtue because we are assuming the burden of your security needs.