What kind of security protections and controls can an enterprise expect from a cloud service provider?
While there are certain elements of the cloud, such as virtualization and multitenancy, which require special attention with respect to security, generally speaking, enterprises should expect the same level of security protections and controls from a cloud provider as they get from a traditional hosting service.
Do you have a question for Amy?
Submit your question directly to our editors at firstname.lastname@example.org.
This includes such services as access management controls, intrusion detection and intrusion prevention, unified threat management, content filtering and data leakage prevention. Some classes of data and applications will require more extensive controls, including multifactor authentication and encryption. Enterprises might also have some specific compliance and governance requirements that need to be addressed around data transparency and location. Cloud service providers can help meet these requirements by providing audit trails to the client as well as offering guarantees that cover a particular hosting center's location and certification standards.
With respect to cloud-specific security, providers should also be able to offer hypervisor security as well as data isolation to prevent commingling.
Related Q&A from Amy Larsen DeCarlo
When data center admins are flooded with new technology, they must first prioritize their business objectives before deciding which tools to deploy.continue reading
Choosing a cloud provider for your company can seem impossible until you compare your needs to a provider's core business.continue reading
Amy Larsen-DeCarlo says that cloud service providers offer SLAs, but enterprises should demand concrete agreements that guarantee end-to-end service.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.