Changing The Cloud Security Conversation

What are the pertinent questions banks should ask about security in the cloud?
November 08, 2013

Supporting End-to-End Security Controls


Mark Wood, Director of Product Management, Cloud Security Dell SecureWorks

Security in the cloud is generally more consistent, standardized and reliable than security delivered via an organization’s onsite data center, which frequently has diverse traditional networks and data center infrastructure. Due to the dynamic and de-centralized nature of cloud infrastructure, organizations delivering security through cloud environments tend to approach security with a common set of controls, policies, procedures and privileges.

Cloud Security Service Providers (CSSPs) can often provide comprehensive security controls in cloud environments less expensively than a small bank could in its own environment. CSSPs can provide security at the network, server, endpoint and application levels.

Many larger banks use the cloud for the delivery of applications that serve a bank’s internal users and customers. Larger banks often secure their own private cloud facilities in-house leveraging their CISO, IT and information security teams. Because cloud environments can support a common end-to-end set of security controls, CSSP’s can often provide a similar, or better, security-in-depth in the cloud as the bank’s own security team could provide in their traditional data centers.

Banks considering cloud deployments should ask prospective CSSPs: What specific security technologies do you deploy in your cloud infrastructure? What security options do you make available to your clients? How much control do you have over your security? Most importantly, ask where does your CSSP’s responsibilities end for your security and where do your responsibilities begin?

Bank Systems & Technology encourages readers to engage in spirited, healthy debate, including taking us to task. However, Bank Systems & Technology moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing/SPAM. Bank Systems & Technology further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | Please read our commenting policy.
 
< Previous1 2 3 4 5 6 Next > 

< Previous1 2 3 4 5 6 Next >