Cloud Security
Cloud Computing is being looked at as a great way to reduce costs and simplify IT infrastructure. There are different opinions over what constitutes cloud computing. If you ask what cloud computing is you will get as many different definitions as the number of people you ask. The broadest and perhaps best definition of Cloud Computing is when data, software applications, or computer processing power is accessed from a “cloud” of online resources. The “cloud” enables users to access these resources from anywhere and from almost any computing type device.
The issues of risk, data privacy and understanding how to achieve compliance are the chief reason why most organizations’ don’t adopt cloud computing services. A recent Gartner study stated the following three reason organizations don’t adopt to cloud computing:
- Data location risk
- Risk of data loss
- Data security risk
While security can be an issue to the broad adoption of Cloud Computing, it can in fact be as secure as other computing applications. The Cloud’s virtual nature removes many of the physical work-flow and perimeter-based control points to contain sensitive data. Therefore, it is of the upmost importance that Cloud Security platforms take on a data-centric approach.
Loricca’s cost effective, pay as you go subscription Security as a Service model will assist your organization with Cloud Computing implementation, risk mitigation, assessment and security.
- Establish Context
- Risk Assessment
- Identify Risks
- Identify Assets
- Identify Threats
- Identify Existing Controls
- Identify Vulnerabilities
- Identify Consequences
- Estimate Risks
- Evaluate Risks
- Develop Risk Treatment Plan
- Reduce, Retain, Avoid, or Transfer Risks
- Implement Risk Treatment Plan
- Monitor and Review Risks