Security: Enabling Cloud Computing by Managing Risk

June 11, 2009 by Alicia Gaba

Jaikumar Vijayan wrote an article yesterday in ComputerWorld on why IT security managers should be enabling cloud computing by learning how to manage risk rather than simply saying “no.”  The report that he refers to specifically was released by RSA, the security division of EMC Corp. 

The report says that the traditional enterprise network models are vanishing which means that many IT managers will need to understand the associated risks with cloud computing and learn how to manage them and help their companies realize the advantages of virtualization technologies that are continually proliferating. 

In my opinion, those professionals will be the people who will ultimately help provide a competitive advantage for their organization.  Understanding cloud computing risks will enable IT professionals to better decide which tasks should be sent to a public cloud or private cloud.  Cloud environments don’t have to be all or nothing, and I believe that many companies will find that a hybrid cloud approach will work best for them, putting their dollars to work for them most appropriately.  This means that an intricate knowledge (or an expert partner) in the cloud technologies will prove very vital in terms of understanding the specific risks involved with internal clouds and external clouds, what should go where and why. 

Will you be able to explain to your boss why your test-dev should go offsite and why you feel your production environment shouldn’t, or vice versa?  Those will be some of the many decisions that will need to be made, and security will play a huge role.  What type of security protocols does your provider follow?  What type of software and technology are they using to protect your data and environment?  Your knowledge on the internal side will also help you to better choose a qualified provider and will allow you to have more knowledgeable conversations proving for a better stronger relationship.

To read Vijayan’s summary of the report, including recommendations for what companies should do to enable cloud computing and other security-related cloud information click here.