Bricks behind the Fluffiness

The beauty of cloud is that its so soft and fluffy. Its very attractive and gives a feel that anyone jumping into it will have a soft landing. However the soft fluffiness may actually be hiding a brick wall so be careful when you take your leap.

Cloud computing has been in talks for quite some time (started  in 2007) and per Gartner hype cycle it reached the peak of inflated expectations in  2009. As of now cloud computing is in the trough of disillusionment and with a expected time of 2 years to reach the plateau of productivity. 

The technology has hit the enterprises like a raging flood and suddenly there is an immense pressure among organizations to keep up with the trend and to leap into this raging waters. Cloud computing is not all the fluffiness as its being marketed by those who have vested interest but it has got its own challenges. Its is immensely necessary for one to understand these challenges before they plunge into this madness. Organizations should assess their cloud vision in detail and also have an open eye on all the aspects before they decide for cloud adoption. Cloud is not just  "Cost effectiveness", "High scalability", "Agile" but also "Security challenges", "Interoperability", "Vendor lock-in". Enterprises who plan to take advantage of the cloud computing should not under estimate the challenges and be well prepared to handle them. Cloud security is the most important of all the challenges and organizations should take the right measures to ensure that all holes are plugged in before it is too late.

Security is no different whether its traditional on-premise infrastructure or a Public/Private Cloud. All that is required is that the right control elements in place and all possible issues have been taken care of. The cloud security is still in nascent state and not one single strategy will be applicable to all. This is why a thorough Cloud security assessment becomes necessary whether you are about to start your cloud adoption or you are already in cloud.

The Cloud Security Assessment is particularly useful in providing validation that moving to the cloud will not negatively affect security stance and risk exposure – and in some instances determines additional protections that might be required.

Typical Assessment Methodology

-Evaluation : Understand the types of assets, data or processing the organization is considering moving to a cloud service and classify the data according to risk

-Discovery : Determining exactly where the organizations critical data resides so appropriate controls can be put in place

-Analysis : Analyze the extent to which business goals can be achieved whilst ensuring that sensitive or regulated data remains protected

-Mitigation : Consult on the planning, supply , installation and support of those elements required to fulfill the security requirement that enable the cloud service migration

The Cloud Security Assessment provides a consultative approach to analyze the security implications of cloud adoption, make sure that you do it before its too long.