What are the security concerns in cloud computing?
Cloud computing changes the way information and services are provided and consumed. Faster, more responsive, and more efficient use of resources leads to better business performance and competitiveness, allowing organizations to achieve their business goals at an accelerated pace. At the same time, cloud computing introduces new security risks and concerns around technology and business processes. To succeed with cloud computing, organizations must address cloud security concerns.
Existing Security & Privacy vulnerabilities that are amplified by cloud technology.
Multi tenancy. Shared hardware and services using virtualization to pool computing and storage resources together to deliver more efficient services.
Ownership and Responsibilities.
Our Answer:
1. Our Cloud Computing servcies is housed in telkomsigma´s Data Centers
As the cloud computing adoption grows, it will become more apparent that other providers of applications and resources lacks the infrastructure needed to provide secure, carrier-class reliability.
Our cloud hardware and software are housed in our own International Standard Data Centers. Customers and users will be assure of not only security but also reliabilityas our team of professionals will manage and maintain IT Operations 24/7.
Our data center infrastructure is also supported by carrier-grade network that has the transport intelligence at network, service, and application layers that will give a competitive advantage, with best of carrier-class features.
As the cloud computing adoption grows, it will become more apparent that other providers of applications and resources lacks the infrastructure needed to provide secure, carrier-class reliability.
Our cloud hardware and software are housed in our own International Standard Data Centers. Customers and users will be assure of not only security but also reliabilityas our team of professionals will manage and maintain IT Operations 24/7.
Our data center infrastructure is also supported by carrier-grade network that has the transport intelligence at network, service, and application layers that will give a competitive advantage, with best of carrier-class features.
telkomsigma’s International Standard Data Centers are certified with
ISO 27001:2005 (Information Security)
One of international standards that summarizes and provides a comprehensive framework for security is the ISO 27001:2005 ” Information Technology – Security Techniques – Information Security Management Systems – Requirements “. This standard lists Security Principles under the following headings:
- Security Policy
- Security Organization
- Asset Classification and Control
- Personnel Security
- Physical & Network Management
- Access Control
- Systems Development & Maintenance
- Business Continuity
- Audit & Compliance
2. Technology Architecture for a secure Cloud
A secure cloud infrastructure, especially when multi tenancy is employed, must meet and support the following architectural characteristics:
1. Logical separation
Security controls need to be implemented to secure logical entities, which can include both physical and virtual infrastructure components.
2. Policy consistency
It is critical to have a cloud security policy design that can be enforced consistently in both physical and virtual environments.
3. Automation
In a cloud computing environment where resources are shared dynamically, there are two security requirements: Cloud security needs to support an automated environment where resources such as virtual machines (VMs) may move around, and cloud security itself needs to be provisioned through an automated process.
4. Authentication and access control
With the “anytime, anywhere” availability of cloud services, security policies are needed to validate user credentials and authorize their cloud services.
5. Service Assurance and Availability
A cloud computing implementation will need to securely support large workloads and the underlying infrastructure, such as high-density VMs. Firewall and IPS services, for instance, must be able to scale so that they do not become the bottleneck.
We, in telkomsigma, implemented the “Secure Multi Tenancy” infrastructure to create a secure logical separation for in a shared infrastructure, while maintaining high availability. On top of that our cloud environment is highly automated and managed to ensure consistent policy and access control.
For companies that requires a more stringent security measures, due to compliance issue for example, Sigma can offer a virtual private cloud that runs on a physically separated infrastructure.
3. SLA for Customer Satisfaction
Our Cloud Computing services supports stringent security, privacy, performance, and high- availability requirements for the SLAs for cloud computing. Our computing, storage resources, network resources is able to be acquired on demand.
Our offering can offer an on-demand SLA that encompasses delay, jitter, loss, VPN capabilities and availability. Service-oriented metrics of a SLA could include resources and availability related to each service. Application-oriented metrics of a SLA could include application availability, response time, QoS requirements, transactions per second, and other metrics measured end-to-end.