Cloud security: Four customers' approaches

IT shops are taking matters into their own hands
  • John Brandon (Computerworld (US))
  • — 01 August, 2012 13:29

Depending on whom you talk to, cloud security is either the industry's biggest oxymoron and won't be resolved anytime soon or it's no big deal because cloud vendors typically have tighter security than do any of their customers.

Wherever you fall on that continuum, the notion of security comes up as a key concern in many surveys on the topic, so it's clearly top-of-mind at most IT shops. There are a few security standards initiatives that might eventually help clear up matters (see sidebar below), but those are a long way from being ready to implement.

One thing is clear, experts say: Don't assume anything before doing your own due diligence. "It would be nice to think the vendors are doing a great job [of protecting the data] and they are building a highly robust application framework that provides a high level of security," says Jay Heiser, an analyst at Gartner who studies risk in the enterprise and regulatory compliance.

To continue reading, register here to become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

File Malware Protection System

File MPS analyzes network file shares to detect and quarantine malware brought into the network through the Web, email, or other manual means, such as online file sharing.

more »

Submit your own security event

Submit your training courses

Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.

Read More
more »