Cloud Computing: Security concerns and ODCABy Natalia David
It is often hard to get the maestros of any particular field to agree on a given subject. Same goes for the tech world, but regarding the security concerns of cloud computing some experts do have a common viewpoint. Open Data Center Alliance (ODCA) is an organization that is in pursuit of defining cloud security standards for businesses, by the help of the big guns of the members that it has including: BMW, Disney, National Australia Bank and Deutsche Bank. The organization also put forth a simplistic assurance model last year, which is still being revised as it posed more questions than it could’ve possibly answered.
What is cloud computing?
Cloud computing basically stands for computer resources that can be set up and used according to the consumer’s demand and has widespread used in enterprises that replace their own local facilities for cloud solutions. Since third party computing facilities are used, there is naturally suspicion with regards to the access of data present in the cloud and the level of security measures used by the cloud providers.
Is it secure?
Matt Lowth, chief security architect at National Australia Bank, explains that the basic dilemma with cloud computing is the absence of a standard definition of ‘secure’ and if different vendors define security differently, it isn’t an easy task for the consumer to actually know what it means. Lowth explained while speaking at an ODCA panel, that various industries have different definitions of security and expectations regarding cloud computing, which further complicates the problem. He further clarified that an advertising or a marketing site, having fewer security concerns, might deem cloud to be perfectly secure, while a military website might not consider it secure, if actual people’s lives depend on the data that could be comprised. So actually the answer to the question, whether or not cloud computing is secure, is that it depends.
Apples and Oranges
On the other hand, the IT security expert working at BMW, Ian Lamont suggests that a comparison between cloud services and on-site data storage facilities is inappropriate to begin with. It’s like apples and oranges, but the important factor for a consumer is to be absolutely sure about what is meant by secure. Still, there are smaller businesses that consider cloud to be a much safer option than hosting these services locally. The CEO of ThreatGrid, Dov Yoran asserts that cloud technology offers greater security to smaller enterprises. This is due to the fact that smaller companies often lack the proper security means and processes considering the implications of existing within economies, expertise and infrastructure of scale.
ODCA: defining security standards
ODCA is an organization dedicated to confronting such demons regarding cloud computing and an important step in that direction is the publication of usage models. These models allow for comprehensive definitions of IT requirements meant for addressing particular needs in terms of data centers and cloud solutions. All alliance members contribute in the preparation of these documents, as technical workgroups aid with initial drafting, Solution Provider members comment to the drafts and the Steering Committee puts forth final approval, also for public release. Sometimes, as was once noted earlier on, these models put forward more questions than they answer if the drafted frameworks are overly simplified.The process of evolution and novelty within these models continues as the Alliance members go on learning and continue collecting feedback from new cases. In a similar vein, formal collaborations with various industry sectors help define the specifications for standards with regards to the usage models. Cloud Solution providers also play their part by giving technical expertise for the development of Alliance usage models. Basically all the various parties involved help chalk out the requirements so that the planning can be headed in the right direction.
Eventually, the efforts of ODCA and the purpose of cloud computing is directed at figuring out the appropriate level of security for the different varieties of enterprises. According to Lowth, what is required for information security is a linkage between an organization’s practices and the opening of a weather eye from the user. Therefore, cloud technology is quite capable of allowing great user experience- be it business or private usage- through a standardization of security requirements, so that business can sleep well at nights, and private users can stop fearing computer spy software and mobile spy apps.
Natalia David, an author significantly contributes towards PC security Software , cellspyexpert mobile spy software and iPhone spy (visit website) software. If you want to know more about Natalia you can follow her on twitter @NataliaDavid4