Whenever you stay in a hotel, you likely take certain things for granted, one of which is security. You expect that the management will have taken reasonable steps to keep guests and their valuables safe during their stay. You expect that no one else will be given a key to your room, and that you can safely walk throughout the hotel and the grounds without being accosted by a thief or worse.
But there are two sides to this story. As a hotel guest, you also take certain precautions that keep you and your family secure. You put your valuables in the safe. You lock the door to your room before leaving for the day or going to sleep at night. You don’t give strangers a spare key and you don’t go into another person’s room unless you know them.
This security agreement is so commonplace that we usually don’t think about it – unless we end up at a shady motel in the wrong part of town, then security becomes top of mind! But the reason I bring this up is that I look forward to the day when cloud computing will enjoy such a common and effective security arrangement as hotels do now.
Like the example above, cloud security is a shared responsibility between the vendor and your organization. Fortunately, there are a number of resources that have been established in the past several years to help organizations understand their role in cloud security and apply best practices.
In my latest article for NetworkWorld, I take a look at some of these organizations including SANS, the Cloud Security Alliance (CSA), and the International Information System Security Certification Consortium, Inc., or (ISC)2. Each offers a number of resources, training and certifications to help your organization understand its role in cloud security and be proactive instead of reactive.
I encourage you to read the full article, “Resources abound to make cloud services more secure.” Feel free reach out to me with questions.
Scott Hogg is Chief Technology Officer (CTO) for GTRI.
