Data-Driven Security for the Cloud
For vendors and value-added resellers (VARs), security is the most important parameter to ensure business success. After all, it’s the most important asset at stake when cloud computing is mentioned – data. Moreover, given that most of the cloud offerings are similar in features and pricing, it’s in security and service quality that a vendor can hope to distinguish himself.
So what are the most important parameters when it comes to security, and what has the aggregated experience so far taught the practitioners?
Security so far
Even though cloud computing is a new paradigm, the security philosophy used by most vendors is that of on-premise setups. Their core focus is still on developing data-centric solutions, and security is treated as an add-on that is sold after the migration is complete. While this looks good on paper, simplistic approaches like these can be a recipe for disaster. The cloud is such a massive shift from the traditional processes that no amount of external security is enough. In fact, if any reliability is to be sought in the system, security needs to be baked right into data.
Data-driven security calls for looking inside the system rather than outside it. That’s because different businesses have different definition of what they consider as vital assets. Depending on this, it might turn out that the real need for security is in collaborative software rather than access management. Simply put, a data-driven approach helps arrive at the right answer because it is more rational.
Of course this means a greater investment of effort on part of the vendor, but then that’s what distinguishes the truly reliable ones.