Understandably, many IT managers are leery about the security risks of cloud computing. They say it’s hard enough to protect data within their own firewall, so how can they take advantage of cloud computing without opening up a host of new security and compliance challenges? After all, while the lure of a more agile, cost-effective IT infrastructure is appealing, the business risks are quite real. We only need to turn on the news to hear of the latest high-cost security breaches.
Yet it is possible to confidently take advantage of the cost and flexibility advantages of cloud. The first step is to enact an enterprise-wide security infrastructure, and then extend those security and compliance controls to cloud applications such as Salesforce.com and Google Apps. This way, your business will have an automated way to provision accounts, manage access rights and revoke credentials with ease, no matter if the workloads are physical, virtual or in the cloud. Moreover, this infrastructure would provide visibility into not only exactly who has access to what information but how they use that access.
This type of federated identity structure could serve as the foundation for managing access control in heterogeneous environments—leading to a more cloud-ready enterprise. Thus, you could quickly give users access to the applications and resources they need via virtual or cloud environments, in a secure, compliant fashion That’s the future I envision.
Where do you see your IT environment headed? Is cloud security on the horizon at your business?
Also, if you are interested, I'll be discussing cloud readiness on this week's edition of cloudchasers.
Posted
May 25 2010, 08:16 PM
by
BenGoodman