It shouldn’t come as a surprise to anyone reading this article that there has been a major shift towards businesses hosting their critical applications in the cloud. Software-as-a-Service (SaaS), as well as cloud-based servers from Amazon or Microsoft, have changed the way we build networked business systems for any size organization.
Cloud-hosted solutions can (but not always) simplify local management, save money, provide flexibility, and generally simplify the planning for a system life cycle. However, decision-makers tend to focus solely on the benefits the cloud provides and may lose sight of the fact that a shift to the cloud not only changes the infrastructure but also the way technology is managed – specifically as it pertains to security and risk.
Below are a few security and risk considerations to keep in mind when moving to the cloud.
Disaster Recovery and Redundancy
For most organizations, the economy of scale for disaster recovery and redundancy solutions in a hosted/cloud-based server infrastructure exceeds anything that you could reasonably build and host yourself.
Amazon, for example, is one of the largest companies in the world, with a network infrastructure that you could accurately describe as intercontinental. While Amazon is a big target for network disruption, the level of redundancy they have (and that you can utilize if their hosting solutions fit your organization) makes uptime extremely high. Plus, they are required to test and audit these systems to assure uptime and security to a reasonable extent.
But for the organization they are hosting, there are still other considerations to be made as it pertains to disaster recovery and redundancy. The very definition of disaster changes. Instead of worrying about a server failure in your local network closet, a disaster might now mean a telephone pole getting knocked out, severing the ability for the office (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tripwire Guest Authors. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/cloud/cloud-security-posture/