Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.
Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.
Published by CP4 on August 11, 2021
To correct the record on common cloud security myths and misconceptions, we must begin on an equal playing field. This means establishing a common-ground understanding of what cloud computing is. According to Microsoft’s definition, “Cloud computing is the delivery of computing services—including servers, storage, databases, networking, software, analytics, and intelligence—over the Internet (‘the cloud’) to offer faster innovation, flexible resources, and economies of scale. You typically pay only for cloud services you use, helping you lower your operating costs, run your infrastructure more efficiently, and scale as your business needs change.”
That’s a pretty simple yet comprehensive definition—so we won’t try to complicate things further by rephrasing. Cloud computing is preferred over traditional, on-premises solutions because of its cost-effectiveness, scalability, high performance, reliability, and, yes, exceptional security.
Now that we have a fundamental understanding of the cloud, we can address some of the significant concerns, myths and misconceptions surrounding cloud security in the business world.
For non-techies and many people outside of the cybersecurity profession, it’s difficult to imagine how storing data somewhere beyond your reach can be a safe method of protecting digital assets. However, if you study the actual technology beyond cloud security, it becomes evident that it’s far less susceptible to being compromised or attacked than a physical server in your own building.
The top keys to securing data are to implement strong governance, diligent monitoring and auditing, and strict access rights. These can be deployed in a superior manner in the cloud. This makes it a much stronger ecosystem from the start.
One myth that’s dominated the industry for years is that since the cloud is managed by cloud service providers (CSPs), it must be more susceptible to threats. But once again, this is misleading.
As Box explains, “CSPs have matured their security expertise and toolsets over the years.” In many cases, it has become safer to work with a CSP than to handle data security on your own. With a CSP, you benefit from regular patching, security monitoring, and additional firewalls and threat-prevention solutions.
The notion that data can’t be controlled in the cloud is an elementary misconception. The idea that you have more control over data when it’s in a server closet down the hall versus with a cloud provider hundreds or thousands of miles away misses the entire point. Once data is placed into the cloud, it’s not only more secure, but it’s also just as accessible. Geography has nothing to do with the ability to retrieve your data.
People naturally have distrust in new things. So, it’s only logical that a specific segment of the marketplace pushes back against the cloud. But here’s the truth: The cloud isn’t as novel as most people think. Its origins stem from the 1990s, when businesses began deploying software over the internet. So, it’s been around for more than 20 years at this point, and has been maturing throughout that time.
One concern businesses have with cloud adoption is the idea of operating within a public cloud environment. While it’s true that a public cloud is a multi-tenant environment—meaning multiple users’ data is stored on the same server—this isn’t nearly as dangerous or convoluted as it seems.
Multi-tenant environments have strict partitions and security systems to prevent anyone on the same cloud from accessing your data. They are no more or less risky than any other type of storage environment.
As confounding and nebulous as the concept may seem to the non-techie portion of the marketplace, the reality is that, when managed correctly, cloud security is far more secure than traditional on-premises solutions. And the sooner the masses realize this, the quicker we can fight back against the steep uptick in cyberattacks and ransomware.
This was shared with permission from ISACA – Author Anna Johannson
Back to All Posts