Fujitsu Cloud Security
Risk management in the new ICT landscape
Cloud solutions are now showing their potential to transform the way IT based services are delivered to organisations. Secure cloud computing can provide substantial business benefits, such as reducing capital expenditure, increasing business agility and speeding time to market.
Businesses are increasingly finding the need to use secure cloud applications and services to improve productivity and innovation.
For most organisations, the journey to cloud is no longer a question of “if” but rather “when”. However, there is one overwhelming question that is still causing many organisations to delay their move to cloud: How secure is cloud computing?
Enabling the benefits of cloud
Rather than being a barrier to adoption, cloud security is very much an enabler. Secure cloud services allow the enterprise to take advantage of the benefits a cloud platform brings. But they have to be approached in the right way to avoid the consequences seen in recent high profile cases. Cloud related security breaches can cause major damage to an organisations’ reputation and their business itself.
As cloud use increases, security teams need to ensure they are seen as enablers rather than blockers. That means they need to factor cloud into their existing risk management systems and processes. Organisations will increasingly require skills in understanding both their business’s requirements and the security implications of a multiple-cloud landscape.
Managing the risks
Cloud solutions and standards are evolving at a phenomenal speed. Multiple layers of defence are required to manage risk but the fundamental considerations remain:
These apply across:
- Management - Policies, processes, governance, integration.
- Operation - Incident management, integrity, contingency.
- Technology - Control, protection, back up and archive.
Different types of cloud, such as Private, Virtual Private, Public or Hybrid, have different data security characteristics and hence different requirements. These requirements can include compliance, audit, data segregation and incident management, to name but a few. The type of cloud an organisation chooses is one of the biggest factors affecting risk.
Secure cloud services: Choosing the right partner
An organisation moving sensitive business data to a cloud environment must take steps to ensure that its data is safe, genuine and accurate. Failing to do so can have both legal and operational consequences. It is therefore important to take data integrity into account as part of the due diligence process when selecting cloud providers and secure cloud services.
Consider these capabilities:
Cloud availability: Ensuring it's business as usual
Amid ongoing reports of cloud services being brought down by both malicious attacks and providers’ technical and operational failures, CIOs need strategies to mitigate the risk of disruption to business services. Before contracting, they should carefully assess providers’ processes for managing availability.
Cloud strategy: The right approach to cloud
It can all seem rather daunting, but if you approach cloud in the right way, with the correct checks and balances to ensure all necessary security and risk management measures are covered, there is no reason why cloud computing should be less secure than any other platform.
We’re here to help you navigate the complexities of cloud security, helping you to make informed security decisions about your cloud set-up and to better understand how to securely reap the benefits of cloud.
We’ve developed an approach designed to provide CIOs with the capabilities to meet changing security needs and to help you on the right track to secure Cloud adoption. View our Cloud Security downloads below.