The strategy and practice of
safety in any organization or environment domain, real or virtual, must be
formulated and implemented through a holistic approach that integrates all its
peculiarities, physical, logical and people without forgetting the processes,
standards, procedures covering both protection and security of data,
information, intelligence, knowledge, etc, i.e. all the intangible assets of
the organization is in the cloud or real spaces. When the issue of data
security and information in Cloud Computing addresses must distinguish two
distinct aspects but, however, closely related. On the one hand is the
protection of data, mainly with regard to privacy, while the other is the
security of information in various forms against loss, theft and tampering. In
the first case, regarding the protection of data in a Cloud environment it is
necessary to remember that, regardless of the chosen type (private or private,
public or hybrid) the user or client usually does not know what is the physical
location where they are stored therefore is not in a position to know the type
of rules applicable in this area, or their compatibility with their country of
residence or headquarters.
In this regard it should be
remembered that European Community legislation is very strict in these cases.
For example, in terms of maintaining the property entrusted to a third party
who can not disclose without the consent of the client, while in some countries
the protection of such data becomes the responsibility of the service provider
data local laws apply. In this context we see as a result of the appearance of
the famous case Snowden, revealing investigations of the U.S. NSA, acquired
wide notoriety the Patriot Act in the United States that allows security
agencies of this country unfettered access to data deposited or managed in
their territory without inform their owners. And if we expand the field we can
see that other countries are located where many virtual data centers that
currently exist (Russia, India, China, etc.). Guarantees do they offer adequate
data protection.
If meanwhile consider the second
case, referred to information security, Cloud your goal should be the same as
in other settings, or respect to known principles ensuring its confidentiality,
integrity and availability. In this sense the actors, agents and measures are
the same as in distributed environments traditional or classic but increased due
to the specific characteristics of virtuality and Cloud.
Considering these threats, it is
logical to conclude that as it becomes increasingly using the cloud as not only
store data but also, and especially, as a provider of applications, services,
infrastructure and platforms, will progressively becoming a greater object of
desire for different agents acting illegally in the network. To know more about
cloud security, International institute of cyber security provides Cloud Security in Mexico training and services in Mexico.
Posted by webimpritns
0 comments:
Post a Comment