Transparency & Trust in Cloud Security

The Planet Data Center

Image by The Planet via Flickr

A Cloud service provider (CSP) can decide to expose various levels of its internal procedures. This article discusses how transparent processes adopted by CSP’s increase the confidence levels in an organization making use of cloud services.

As organizations consider moving their key business processes and IT infrastructure to cloud computing, they are concerned about risks, and rightly so, since this move will transfer significant control of security, privacy, availability, data protection and data retention to the cloud service provider. When these controls are transferred, the organisation has little or no visibility of business processes adopted by the Cloud provider, making it helpless during incidents where company’s business and reputation are at risk.

So how can a Cloud Service Provider overcome these concerns through transparency?

The answer is simple: By providing the necessary information on the control environment, via easy accessible documentation. Such information may include:

  • Security policies
  • Architectural details related to physical security within the infrastructure
  • Data center layout
  • Procedural details such as access rights & delegations
  • Disaster recovery plans etc.

The more organizations get to know about the company, the higher the opportunity to minimize concern and increase trust.

Allowing periodic visits or spot-checks at the data center also allows organizations to be able to come in physical contact with parts of their organization which were hidden from them. Visits are a good opportunity to get to know key people from a service provider. Contacts which you’ll be able to get directly in touch with, in the case of any eventuality concerning the hosted services. Knowing whom to contact saves important minutes during incidents.

The above mentioned methods can be adopted by cloud providers to offer more visibility of their methods. Making a step towards transparency will open a window of opportunity to build trust between service provider and organization within the cloud environment.

About these ads

3 thoughts on “Transparency & Trust in Cloud Security

  1. Pingback: Loss Of Control And Transparency In The Cloud Era

  2. Pingback: Data Security Tips for Cloud Users | Securopia

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s