Security remains a critical issue in the cloud. Last week, the U.S. government released its top seven tips for secure cloud adoption while an international team of scientists debuted perfectly secure cloud computing … using quantum physics.
NIST Provides Concise Cloud Adoption Guide
The National Institute of Standards and Technology (NIST) announced last week its top seven tips for secure cloud adoption. Though initially intended for agencies and contractors, Forbes reporter Joe McKendrick argues that the tips are just as applicable for private-sector organizations as well — and we agree.
Here are NIST’s top pointers:
- Plan – Cloud computing, as with any new technology, requires strategic and thoughtful planning to ensure that sensitive data remains secure
- Understand – “Understanding the policies, procedures, and technical controls used by a cloud provider is a prerequisite to assessing the security and privacy risks involved.”
- Align – When adopting a cloud service (especially from a public provider) adjustments should be made to the security and privacy cloud computing environment to meet your company’s standards
- Negotiate – Negotiated service agreements can address your company-specific security concerns, while also serving to document the provider’s commitment to meeting your requirements
- Balance – Weigh the benefits (cost and productivity) against the drawbacks (risk and liability) before adopting each service, tailoring your cloud environment
- Mobilize – Do not overlook client-side computing. Web browsers, browser plug-ins and mobile devices can lead to vulnerability and are often difficult to manage and maintain. (IAM from Okta can extend secure access to all devices.)
- Monitor – Strong management practices are essential. This can be accomplished through the continuous monitoring of information security
The Hack-Proof Cloud
In other security news, an international research team demonstrated that cloud computing can become perfectly secure through quantum physics. Darren Quick, for Gizmag, reports that:
The researchers made what they believe is the first experimental demonstration of this blind quantum computing process by encoding the data using photons. These are well suited to the task as quantum computation operations can be carried out on them and they can be transmitted quickly over long distances.
The process is described as “blind” to the computer and, therefore, hackers as well. The only downside is that building quantum devices is incredibly complex, meaning the technology will be extremely limited in its availability.
Fortunately, with a simple cloud management strategy of single sign-on and multifactor authentication, enterprises can protect their apps from hackers. No quantum physics needed.