Security is major focus and concerning area while referring to cloud computing. There are multiple means of handling it as per the type of cloud, be it public, private, communal, or hybrid. It begins with effective planning to analyze several attributes on the sensitivity to risk in the context of the various models--IaaS, PaaS, and SaaS. With each of these models, the responsibilities of the client versus the cloud provider for security at different levels of the service need to be thoroughly understood.
Some pointers to gather relevant inputs in this light are the following:
- How the application or resource is deployed on the cloud
- Data encrypted form for storage in the cloud
- Proxy and brokerage services should be employed
- The need to restrict direct access to the shared data
- The cloud provider's system and tools for data transfer into and out of the cloud
Each cloud deployment model, depending on the service models and cloud types, brings in its own risks. The responsibilities...