The cloud has become integrated in a variety of software and technologies, which means that the security for it has to advance along with it. There are still fears of cloud security, especially with the various reports about cyberattacks coming to light last year.
Even though the breaches were based around data centers rather than the cloud, Dark Reading insisted that the fear is somewhat justifiable.
The fears about the cloud and what they mean
According to Dark Reading, organizations that have cloud services have often avoided increasing their use because of the fear of he technology’s security. Businesses have found more ways to implement cybersecurity via processes such as email encryption and secure email services, as they have become basic necessities in the layers of cybersecurity for an enterprise.
The cloud is in the same boat for needing basic cybersecurity, but companies seem more insecure about the security of the cloud than many other technologies.
The source recommended that businesses make strategies for the way the cloud will be used within the enterprise and what security measures have to be put in place. Clear, precise objectives can also reveal security pitfalls in the system, which means that a company can be better aware and avoid them.
The rewritten rules and guidelines of the cloud
There has been a huge response to cybersecurity and what it means in the United States especially, due to the various cyberattacks in 2014. Cloud security is changing along with that, and as of last Thursday, the Defense Department has rewritten cloud security rules.
The new procedures focus on the commercial cloud and whether or not it is worth the risk. Federal News Radio reported that the DoD and the Defense Information Systems Agency – the latter of which released the updated procedures – have both been involved in the authorization role for cloud computing services.
“We’re going to say, ‘Let’s allow more than we’ve allowed in the past so that we can accept some risk there, but we’re also going to define it so that people know what the opportunities for compromise are,'” Mark Orndorff, DISA’s risk management executive, told Federal News Radio. “At the same time, we’re improving the security of our endpoints and our cyber analytics, and to detect insider threats. We want to focus our efforts on the things that could be the most serious impacts in a military situation that has a cyber adversary, focus on that, and then accept risk in other areas.”
The risks of the cloud are being better taken care of now that cybersecurity has become a huge topic to the public. With that in mind, it seems as though the government is moving forward in creating better laws and guidelines for the technologies and companies at risk.