Thursday, 22 September 2011 13:47
The biggest inhibitor to cloud computing is the perception that cloud is less secure than traditional computing environments. In truth, however, organisations can have the same levels of control with cloud computing as they have with their existing IT systems.
That’s according to
Dave Funnell, Sales Manager of RSA, the Security Division of EMC Southern Africa, who says the technological controls required for cloud computing are the same as those used in a virtualised environment: a strong authorisation system, the ability to manage roles and access to information, and visible reporting.
“By monitoring these elements and adhering to the Cloud Security Alliance’s governance, risk and compliance (GRC) standard, it is possible to deliver the right level of assurance to the business concerning
security in the cloud,” Funnell says.
In February 2011, RSA announced the RSA Cloud Trust Authority (CTA), a set of cloud-based services designed to facilitate secure and compliant relationships between organisations and cloud service providers.
By enabling visibility and control over identities, information and infrastructure, the CTA fosters the trust necessary for organisations to adopt cloud computing for mission-critical applications and sensitive information.
|
Brought to you by |
|
|
|
“The CTA services enable consumers to compare service providers’ offerings, so that they can fully understand the level of
security and control any given service provider can deliver for their information,” Funnell says. “It also enables the service providers to move from promise to proof that they are safeguarding the organisation’s data.”
As a thought leader in this space, RSA has the technology and knowledge to address all seven of the areas of concern regarding
security in the cloud highlighted by
Gartner: privileged user access; regulatory compliance; data location; data segregation; recovery; investigative support; and long-term viability.
“By verifying the chain of trust, we are able to facilitate and streamline organisations’ journey to the cloud,” Funnell says. “For example, we are able to map sources onto an organisation’s cloud service provider and produce a view of exactly how compliant the company is.
“The market is maturing, and the tools are there. However, adoption will be slow unless the service providers gain their customers’ trust. The cloud can be secure if the right governance, controls, policies and infrastructure are in place.