Home / Blogs

Cloud Computing Can Make You More Secure

BLACK FRIDAY DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]

The number one concern cited for avoiding cloud computing is security. And there is a reason for that. Cloud providers have demonstrated some spectacular failures in the past, including Amazon’s near total shutdown of an entire region, Dropbox’s authentication snafu, and innumerous cloud providers that go belly-up.

However, in the long run, cloud computing is destined to become more secure than in-house IT. I will briefly describe two dynamics in the industry that point in that direction, with substantiating evidence.

First, good cloud providers are getting better, as they have more staff available to do security, and bigger economies of scale, allowing them to sustain more security processes. Here is a case in point. Security people are, by nature, pretty paranoid. However, some are more paranoid than others. At a cloud security training I recently conducted, one of the attendants had created an Amazon Web Services account solely for the training. He terminated the entire account on the last afternoon. Just before the training was over, he showed me a message on his smartphone. Within an hour after he terminated the account, his LinkedIn profile was visited by somebody from the Amazon compliance department. Apparently his behavior was suspect. Either that, or they played a game on who can be the most paranoid.

As another example, does your IT department track rogue resource usage and credential leakage on a systematic basis? Some cloud providers do this for you, as this story of API credential leakage demonstrates.

Second, while the previous examples show that cloud providers can become better than the average IT department across the board, in specific areas specialized services are already way ahead of the competence and resources of the average IT department. This is nowadays called ‘Security as a Service’, or SecaaS (another example of an acronymic cloud nonomatopoeia), but the trend has roots that go back quite a while. Basically the idea is that a lot of security functionality is done in a better way by taking advantage of cloud computing essential characteristics such as elastic scalability and resource pooling.

Examples of SecaaS that you may be familiar with or are actually using are: Email spam and malware filtering, blacklist and other reputation services, DDoS mitigation and monitoring (i.e. performance). We are also seeing companies using cloud services as a component of a disaster recovery strategy. Innovation in this field is strong.

So, in conclusion, the market is nearing a ‘tipping point’ where the cloud may actually be more secure than on-premise IT.

By Peter HJ van Eijk, Cloud Computing Coach, Author and Speaker

Peter HJ van Eijk is one of the world’s most experienced independent cloud trainers. His website can be visited here.

Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Brand Protection

Sponsored byCSC

DNS

Sponsored byDNIB.com

Cybersecurity

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byRadix

IPv4 Markets

Sponsored byIPv4.Global