How to Avoid the Stormier Implications of the Cloud

Adrian Seccombe explains the Jericho Forum's Cloud Cube model for understanding cloud computing's security ramifications

. What's this?

By Adrian Seccombe, Jericho Forum Founding Board Member

December 15, 2009CSO

Introduction
The cloud represents an opportunity for incredible scalability and cost savings. At the same time, within this emerging business paradigm there are new security risks to keep in mind and old ones that must be re-evaluated. As we begin to realize the benefits and potential to reduce costs of resources that cloud computing can offer, as well as the increasing ability to collaborate globally with business partners, customers and suppliers, we also need to ensure protection from the stormier implications of clouds. Increasingly, organizations need a well-structured path towards enabling secure business collaboration within the cloud without leaving them vulnerable to issues that may put their information assets at risk.

The realities of cloud computing are inherent interoperability and increased openness; both concepts that also imply security risk. Although the idea of "secure collaboration" may seem like an oxymoron, the issue of enabling secure collaboration in the appropriate type of cloud or "cloud formation" is one that must be tackled by each organization considering migrating to a cloud model. In addition, those considerations must be best suited to the business needs of each organization. But how does an organization evaluate the risk and opportunity associated with moving into the cloud?

Also see Ira Winkler's The Real Problems with Cloud Computing


As a consortium dedicated to helping organizations remain secure in an increasingly de-perimeterized world, the Jericho Forum sees a great deal of promise in cloud computing models to help facilitate secure collaboration. This article highlights Jericho's initial considerations and guidelines for helping businesses understand the promise of cloud computing and encourages common and secure cloud practices by taking a look at the benefits and risks of emerging cloud "formations." We'll also examine the key issues that need to be answered in order to make clouds safe and secure places to work in.

Although we see these guidelines very much as a "work-in-progress," we hope they will enable all stakeholders, particularly business decision-makers, to appreciate the key considerations that need to be taken into account when deciding which parts of their business could be operated within any of the available cloud formations. We also hope that it will provide pragmatic guidance for safely leveraging the cloud today and present a clear vision for a future of secure cloud computing.

Navigating the Cloud
The joy of the cloud model is that it can deliver great advantages, but only if you know where within the different formations of cloud you need to be in order to achieve the right flexibility for your specific needs. For example, if a cloud vendor were to cease providing a service, how easy would it be to move to another provider or use your cloud-based capability to provide you with seamless disaster recovery and business continuity?

What is Tech Briefcase?
TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more
Bookmark content
Speed up your research efforts with content across the web.
Search and Store
Find the white papers you need. Create folders for any topic.
View Anywhere
Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.
Don't have an account yet?
RESOURCE CENTER