I have a very basic doubt regarding cloud computing that is catching up pretty fast these days. To my understanding, cloud computing is a paradigm in which companies put up their data and applications on somebody else's machines aka 'The Cloud'. I want to know just how secure is it to put up my data on some third party machines, especially if my data contains private details. In particular, how can an enterprise trust the cloud computing service providers in this data privacy aspect?
It depends on what kind of data you want to store.
If you are speaking of credit card or financial information, then its NOT secure. PCI Level 1 compliance rules out any possibility of using the cloud, because to be compliant you need to perform third party on-site audits, and most cloud providers don't allow that. Here is Amazon's stand on it. For any other data that requires legal compliance, you will find it difficult to host it on the cloud.
For other kinds of data that doesn't need legal compliance, it all boils down to your enterprise's risk appetite and the kind of cloud vendor you are dealing with. Completely agree with Stephen on this.
For general information on cloud security, you should visit Cloud Security Alliance. They have the most relevant information in this field.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With