Every Information security buff knows the Triad of Information Security:
- Confidentiality: No unauthorized users can access our data.
- Integrity: No unauthorized users can modify our data.
- Availability: My data is there when I need it.
Security in Cloud Computing should be no different.
I recently read an article by Michigan's CTO, Dan Lohrmann with some great questions around Cloud Computing Security.
Some of Mr. Lohrmann's challenges were:
- Who owns the end to end security?
- Who owns the responsibility in the event of a breach?
- Who owns the logs?
- Where does the data live (geographically)?
- As my security requirements increase, does the cost become prohibitive?
Over the next series of blog posts, we'll discuss these and other Cloud Computing Security Challenges.
Have a specific security challenge? I want to hear it!
