Security in the cloud remains a serious concern for many companies, particularly those who have private or sensitive information on their systems about customers. Overcoming that concern takes some foresight and planning. This article points out the following considerations:
· 1. Find out as much as you can about a software-as-a-service provider's security measures and infrastructure. If you are going with an infrastructure-as-a-service provider, ask what tools it can provide you to protect your virtual environment.
· 2. Encrypt data at rest and in transit; otherwise, don't put sensitive information in the cloud.
· 3, Divvy up responsibilities between your administrators and the service provider's administrators, so no one has free access across all security layers.
· 4. Check whether a vendor has been accredited as meeting SAS 70 Type 2 and ISO 27001 security standards. If you are an international company, check for European Safe Harbor accreditation as well.
· 5. Go with a high-end service provider with an established security record. "You get what you pay for," says Gartner analyst Jay Heiser.
For the Article, click this link.