Security and Firewall Policies in the Cloud

Those who use cloud services safety is a very important aspect to manage and also Security and Firewall are major concerns to choose a Cloud platform. Previously we published a good number of articles on Cloud Security, indeed Security in the Cloud is the Next Real Business.

The resistance in the cloud to implement security and privacy is that, it slows the spread. Why is the question that always arises in the mind of almost every new user who approaches the cloud, if he/she can trust to leave their data in an external structure? Because, in 50% of the time, the service provider does not provide a convincing answer properly to give security to the user.

Security and Firewall Policies in the Cloud : The Background

It is a fact that cloud computing is one of the sectors of the IT market that has seen the most interesting growth in recent years, and this trend is motivated by the enormous benefit from companies of all sizes as users; small and medium-sized businesses, even the professional blogs, with cloud computing operate more efficiently with limited time, while in the large enterprises, the cloud provides the scalability to quickly respond to changing market conditions. Businesses of any size can leverage the cloud to boost aspects such as innovation and collaboration.

Needless to hide the fact that there is a problem related to the technical aspect, the security of the system and consequently the risks lies in the data stored in the cloud. Besides there is also a problem related to the judicial and regulatory system and what happens is that, these two aspects often together represent an obstacle to its dissemination, with negative consequences to all the parties involved, businesses, the public sector and service providers.

Many companies justify their hesitation with concerns such as data loss and unauthorized access, and are therefore reluctant for the cloud solution and do not enjoy the full benefits of cloud.

Security and Firewall Policies in the Cloud : Where the Problem Arises

Entrusting data to a remote system, of which we might not know about the internal structure, the physical location, the maintenance staff – a certain distrust automatically develops. The user loses the direct and exclusive control of their data, so the confidentiality and availability of information on the infrastructure moved depend not only on the user’s behavior but also and especially on the security mechanism adopted by the service provider, which should be evaluated in advance.

Further doubt arises when one considers that the chosen service could be the end result of a chain of transformation of services provided by other service providers, other than the supplier with which the user enters into the contract of service, it so happens that the user might not always be in a position to know who of the various operators of intermediate services may have access to certain data.

One aspect not to be overlooked is the storage of data in different geographical locations has immediate repercussions on both the legislation applicable in the event of a dispute between the user and the provider and in relation to the national provisions which are governing the handling of storage and data security.