Cloud computing security or cloud security refers to a set of policies, technologies, and controls deployed to protect data, applications, and the infrastructure in a cloud. There are several security issues related to cloud computing but mainly there are concerns with cloud service providers and ones related to their customers. In general, the provider must ensure that their infrastructure is secure while the customer must ensure that the provider has taken the proper security measures to protect their data. So, is it just a matter of trust and is the data really protected when stored in a cloud?
Nowdays we all use smartphones, tablets, upload our data to Gmail and Facebook, have our profiles on company’s ERP/CRM and it is no wonder that most of us use cloud to store data and access them easily. Let’s start from the beginning. From the day you decided to get yourself a cloud service provider. I did a little research in the past couple of weeks among my friends who uses clouds for their personal and business data respectively. On the question how did you find your cloud service provider, the vast majority, 70% simply googled it, some said a friend recommended one and just one created his own on-line repository. So is the one with his own creation the smartest one? Well, not necessarily! On one side he had to have a knowledge in order to do so and question related to security still stands but on the other what happens to the data when cloud service provider is being hacked or compromised in any other way? So it is a matter of trust after all? In time when everything has been brought to us by mass media, clever marketing and catchy slogans it is hard not to follow up with what they offer for for a buck ninety nine a month or so.
Remember Douglas Quaid from Total Recall starring Schwarzenegger when he watch a commercial on a train considering to put his life in danger and go Mars virtually, his work pal told him not to do so but he did it his own way? Most of us are not action heroes and life is not a motion picture but we do follow up with media and some of us gets in trouble just like Douglas did. Two prong attack illustrates my point, on the one hand hackers stealing personal and financial information and on the other last year authorities told MegaUpload users to forget about their data when they shut that service down. In these cases our stand alone guy with his home based cloud did great but, in the case when his server crashes or become unavailable due to issues related to connection, power or hardware failure his paranoid point is lost, as well.