Security: The Thunder in the Cloud

March 23, 2010 by Jake Robinson

Every Information security buff knows the Triad of Information Security:

  • Confidentiality: No unauthorized users can access our data.
  • Integrity: No unauthorized users can modify our data.
  • Availability: My data is there when I need it.

Security in Cloud Computing should be no different. 

I recently read an article by Michigan’s CTO, Dan Lohrmann with some great questions around Cloud Computing Security. 

Some of Mr. Lohrmann’s challenges were:

  • Who owns the end to end security?
  • Who owns the responsibility in the event of a breach?
  • Who owns the logs?
  • Where does the data live (geographically)?
  • As my security requirements increase, does the cost become prohibitive?

Over the next series of blog posts, we’ll discuss these and other Cloud Computing Security Challenges. 

Have a specific security challenge? I want to hear it!