Global Integration on Demand
(206) 838-5400
505 Fifth Avenue South, Suite 350
Seattle, WA 98104
Contact Us

Hubbub Blog

 
Contact Us

See how Hubspan can help solve your integration challenges.

verification image, type it in the box

* marks required field

 
 
Hubspan Connection
 
 

New Security & Compliance Updates

/

OWASP Top 10 - 2010

The Ten Most Critical Web Application Security Risks

Click here to read the complete data sheet

 
« Back to Hubbub Blog
Subscribe to Hubspan's RSS Feed

Debunking the Top 3 Cloud Security Myths

Posted by SLynch on February 23, 2010

There have been a flood of predictions that 2010 will be the “Year of the Cloud,” but not enough people are giving executives the tools to address which cloud solution is best for them. Worse, uncertainty and confusion permeates most media coverage of cloud security, leading some executives to want to scrap the term “cloud” altogether.

We will be doing a series of blogs over the coming weeks around the cloud, how to evaluate it and what security in the cloud really means.

First, we’d like to debunk some of the most common myths about cloud security, provided to us by our own cloud security expert, Hubspan VP of Engineering, Ian Huynh.

Myth #1 – All clouds are created equal

One of the biggest crimes of the IT community over the last few years is to talk about “the cloud” as if it is a single, monolithic entity. This ignores the dozens of ways to configure the infrastructure underlying a cloud computing solution, and the many more ways of configuring and running applications on those platforms. These considerations should directly inform any discussion of cloud security.

Instead, you often find that people are lumping established, enterprise-class cloud solutions in with the free services offered by social networks and similar “permanent beta” products. This does a fundamental disservice to everyone participating in the discussion around cloud security. Kyle Gabhart touches on this in his own list of cloud computing myths.

Myth #2 – Cloud security is so new, there’s no way it can be secure

Although the cloud is already bringing radical changes in cost, scalability and deployment time, most of the underlying security concerns haven’t changed in the last several years. Don’t forget that when you talk about the cloud, you’re still talking about data, on servers, (typically) in datacenters. When it comes to cloud security, no one is reinventing the wheel. That brings us to the final myth…

Myth #3 – All clouds are inherently insecure

As previously mentioned, a cloud is no more or less secure than the data center and networks that it is built on. In fact, a key advantage to third-party cloud solutions is that a cloud vendor’s core competency is keeping their network up and running securely. In fact, most service providers have clear SLAs around this. The economies of scale involved in cloud computing extends to vendor expertise in areas like application security, IT governance and system administration. Recent moves towards cloud computing by organizations as security-conscious as the NSA and the Department of Defense illustrate how clouds can be extremely secure, depending on how they are built.

No Comments »

No comments yet.

Leave a comment

Business Integration
Solutions
Challenges
Partners
Company
Community

© 2010 HubSpan. All rights reserved.



Site by Portent, an internet marketing company