The cloud can bring some significant benefits, but with those benefits comes great peril for those who do not take the proper precautions. Medha Basu shares four tips at FutureGov for staying safe in the cloud.
Four Tips for Clear Skies
- Traditional security methods do not work.
- Standardise security approach across agencies.
- Be prepared for the worst.
- Trust international public sector standards.
It used to be that businesses would physically isolate networks according to levels of data classification and clearance, but a practice of building multiple separate clouds with every possible combination of clearance would not be practical. Instead, things such as the US’s security-enhanced Linux project allow for information to be separated according to confidentiality requirements. But whatever method you choose, make sure security is standardised with a uniform solution for threats. The article recommends that governments employing the cloud use the Security Content Automation Protocol as a basis.
About being prepared for the worst, Basu shares:
Open source security solutions allow agencies to encrypt their data in the cloud environment, so that even if the physical storage is compromised, the data is still protected. Moreover, network encryption tools prevent eavesdropping on data and keep information within their own security enclaves.
Lastly, and this one especially pertains to government IT, it is recommended to place trust in international standards such as Common Criteria, which is recognised here in India, as well as Australia, Malaysia, Japan, and elsewhere. To read more, you can view the full article here: http://www.futuregov.asia/articles/2014/aug/22/4-things-you-need-know-about-cloud-security/