Back to the Trustworthy Future for Cloud Security
It is an understatement to say that security is the hot topic in IT right now. This is of course being driven by the push to the cloud and the need to help organizations understand that the cloud is secure. This reminds me quite a bit of the early part of the last decade, when Microsoft needed to introduce the Trustworthy Computing initiative as a response to the flaws being uncovered in their products. Many things have become much better since then, but judging by the constant hacking incidents making headlines, it seems that perhaps some discipline has been lost with smaller teams and higher demands.
Cloud providers are very safe places with unmatched investments in security. However, they are big and complex, and there are many ways that solutions can be deployed that are not secure.
It is time to get back behind the primary tenet of trustworthy computing, which was to ensure that systems were built to be secure from the start. This means that organizations need to take the time to look at the provider and the solution being proposed early, and make sure they understand how to secure all the components to meet their organization's security requirements. Doing this up front will save significant time and cost on the back end of a deployment.
I would also suggest this is a great time to take a hard look at your security policies and work to update them for the world we live in today, or the world you expect your business to operate in going forward. I am continually having discussions related to data protection and the relevant contexts in which to protect it. For example, when doing work, is an email address PII or not as it relates to using cloud and cloud systems? When migrating to a SaaS-based email solution, the corporate email addresses are not a PII consideration for the suitability of that service. We need to move beyond these types of conversations driven by out-of-date reasoning.
Ideally, the goal is not to slow things down but to build in security practices up front that do not hinder agility.