5 myths about cloud security
Speaking of security concerns with Infrastructure as a Service provider, there are many who believe cloud service providers will provide better security, and there are others who believe there will be greater risks associated with cloud usage, such as data breaches and cloud services abuse. There are many myths associated with cloud security, of which the most common ones encountered by us are listed below:
- Virtual clouds are as safe as internal datacenters
The primary challenge in this set up is that there is still shared hardware and shared switching with VLANs for separation. This set up is maintained by the infrastructure as a Service provider, and configuration errors do happen. Hence, it is essential to have a built in high level of security at the application level also.
- A single Infrastructure as a Service provider solves all problems
Managing a single provider is simpler, but outages can happen which can affect your business. One of the well known examples is the power outage faced by Rackspace datacenters caused due to a truck colliding with a power transformer.
- Security measures for the cloud is the same as for a physical data center
- Security is the responsibility of the Infrastructure as a Service provider
SaaS and PaaS providers take up data security responsibilities, but with Infrastructure as a Service provider, a large chunk of the security requisites rests with the enterprise itself. And as seen with many instances, although the provider does ensure security, any data breach is the responsibility of the enterprise
- SAS 70 type II audit ensures data security
A SAS 70 Type II audit provides a great checklist to validate a provider’s controls were working during the period examined, but it does not equate to security. Audits only assess the past and future assurance of the same standards is not mandatory. Also SAS 70 reviews does not set standards as of now, and are meant to only test the controls of a specific process.
Nalashaa Infrastructure as a Service
Security: Through our infrastructure as a service offering, we undertake a security audit and help in securing your networks on an ongoing basis.
High Availability and Redundancy: We ensure your networks are highly available and do not comprise of any single point failures. Our proposed architecture includes built-in redundancy so that any single link failure or device failure does not affect the business adversely.
Disaster Recovery: In case of any infrastructure disaster, our infrastructure as a service offering builds contingency plans and helps you to be up and running with minimum downtime.
Network Compliance: Our infrastructure as a service offers to audit your IT network and systems to ensure they are compliant to government regulations.
To know more about our infrastructure as a service offering and expertise.