Cloud security myths


Our support engineer Anna Beletskaya says at her article about common security myths

http://betanews.com/2015/07/24/cloud-security-myths-busted/

The benefits of cloud are vast and significant. Cloud enables rapid deployment, provisioning, and scaling of IT resources and data.        It also shortens development time, reduces waste, and lowers costs. But despite increasing cloud adoption rates, some companies still do not rush to move its workloads and applications to the cloud due to some common myths and delusions that are more fluff than fact.

When organizations are considering moving to the cloud one of the first questions asked is, “Is it secure?” It’s a reasonable question, since there have been a lot of fears and doubts circulating across the industry around this point – particularly with some high profile breaches in 2014. While security is always a priority when it comes to business, several of these concerns are much more bark than bite. So, let’s demystify those concerns and give peace of mind for organizations looking to move forward with a transition to the cloud.



1. Cloud Environments Are Easier to Attack

Two identical servers have the same potential vulnerability risk level, no matter if they’re located in your company’s private data center or within a cloud provider’s data center. The data protection’s level relies less on the machines and more on the security state of each data center environment. At this point, many companies store their most valuable data in private clouds that they protect and maintain on their own. But if you are managing a few in-house IT resources of a small company, an external provider likely has more security expertise than you do.

So the clouds aren’t easier to attack, since the vulnerability depends on the security posture of the data center itself, which is provided by various security tools and methods.

2. Customers in the same cloud can attack each other.

Within a public cloud, multiple tenants share processing, storage, and other computing services within a cloud services provider’s data centers. It might make you imagine that it’s easy for one tenant to steal another tenant’s data due to the concept of shared resources. But in fact, virtualization provides strong partitions between tenants within the data center, so that they’re effectively isolated from each other. Unless your data center is owned by a competitor that would love to snitch your data, it’s very unlikely you’ll become an intended attack victim by a fellow customer.

3. You can’t control where your data resides in the cloud. 

Data residency is a key concern, and many countries’ regulations do not allow exporting of personal data or its storage to another country. Knowing where your data resides requires transparency from your provider. You should also know where your data travels and how it is protected either at rest or over transition. This myth can be easily addressed by choosing a global cloud service provider, which provides secure cloud hosting solutions and operates data centers in multiple countries.

Putting your cloud fears aside will allow you to see the benefits of cloud solutions – such as lower costs, smarter resources usage, and expanded capacity. You just need to rely on a trustworthy cloud solutions provider, such as PlexHosted LLC, which delivers the security and data protection level, that will satisfy your requirements, and can provide you with fully managed secure private cloud or a separate tenant within the public cloud.