According to an IBM survey over 60% of CIOs say that cloud computing is an integral part of their plans for their business operations to increase competitiveness and improve efficiencies. Cloud computing clearly, is here to stay.
Securing data is always of vital importance and because of the critical nature of cloud computing and the large amounts of complex data it carries, the need is even more important. A lot of organizations have gone the cloud computing way since it promises significant savings in hardware and data center management among other things. These inherent advantages allow cloud computing to offer organizations the ability to improve their overall information security. The cloud model ensures effective control and smooth running of IT resources, processing and information giving it a head and shoulders lead over more conventional technology especially for small and medium enterprises. Not surprisingly, by virtue of this scale both tenants and users of the cloud model get better security because the provider's investment in achieving better security costs less per consumer. By the same token, a private cloud offers greater security advantages provided the investments in it have been extensive.
Some security basics include –
Identity management – to control access to information and computing resources
Physical security – access to the machines and to the relevant customer data is restricted and documented
Application security – includes measures that are taken throughout the lifecycle of an application so that any design, development, upgrade or maintenance flaws do not come in the way of its efficiency
Privacy – ensuring top notch safety using data masking for critical data such as credit card numbers and financial details
Recent reports have talked about some upcoming trends in the area of cloud security such as –
More and more partnerships are being formed between providers of cloud service and those providing security solutions and in fact some of these security solutions are cloud specific
Among the top cloud security solutions offerings that include identity management and encryption
A significant move towards strong security standards and guidelines
The issue of security in the cloud is one that is taken extremely seriously among leading technology companies and this has led to the creation of the Open Cloud Manifesto by big names such as Cisco, SAP, EMC, IBM and some others. The manifesto calls for greater and more consistent security and monitoring of cloud services.
With the introduction of stringent auditing security standards have gone up several notches. The SSAE 16 SOC 1 audit, formerly known as the SAS 70 II audit, is the most recent and stringent of these security standards. Replicon the leading provider of cloud-based (SaaS) timesheet software has completed this audit successfully. SSAE 16 stands for Statement on Standards for Attestation Engagements No. 16 and it is conducted by the AICPA (American Institute of Certified Public Accountants) and its successful completion is part of Replicon's continued commitment to maintaining the highest levels of security for its clients. The structure of the report is intuitive and it is designed to be incorporated with Replicon’s clients’ Sarbanes-Oxley compliance programs.