(Page 2 of 2)
"Typically, a cloud-service environment includes standard terms and conditions that are not tailored to an organization's unique security needs. Many cloud-service providers make no promises about protecting data," Assem said. "Therefore, it is critical for organizations that consider moving to the cloud to understand the risks involved. Certainly, security is a top concern when it comes to cloud computing."
As Assem sees it, part of the solution is for companies to know where their data is, how it's protected, and who can access it. But since many cloud-service providers offer no service-level agreements, enterprises have no guarantees about data availability, privacy or data protection.
"Cloud computing doesn't have to be rife with risk. With the right service provider, the cloud can fulfill its promise of more affordable, flexible and easier-to-manage IT services," Assem said. "However, a lot depends on the preparation and choice of service providers. In order to take advantage of cloud-computing services, IT needs to move toward a 'service-centric' model and apply basic risk-analysis principles."
The key, as always, is to understand the unique needs and challenges of your own organization. Using a structured approach, consolidated systems, and reliable backup, your organization will become more efficient while also being disaster prepared.