An introduction to cloud computing would not be complete without a discussion of cybersecurity. The goals of cybersecurity are neatly summarized in the CIA triad. The triad states that the objective of cybersecurity is to provide confidentiality, integrity, and availability of systems, processes, data, etc. Click on each of the following tabs to learn more about these components.
Confidentiality
This is the restrictive aspect of cybersecurity. It is the idea that access must be controlled so only those who are authorized to perform a certain activity may do so. It is what keeps sensitive information from falling into the wrong hands. Confidentiality relies, in part, on various types of access controls.
Integrity
This is the idea that data and information should retain consistency and accuracy over its life cycle and that it should not be changed either erroneously or maliciously. Verification methods should be in place to ensure that data has not been altered.
Availability
Data security measures are only good if those who should have access to resources can do so when necessary. The need for availability may require redundancy measures and disaster recovery plans to ensure critical systems remain functioning throughout any major disruptions and that full restoration of systems occurs as quickly as possible.
Video: The Importance of Information Security
Watch the following video to learn more about the need for information security.
Complexity and the Explosion of Data
The decline in the cost of storing information and the growth in storage capabilities has led to vast repositories containing consumer’s personal and financial information. More companies, government agencies, and organizations of all types are retaining digital information, whether from customer or stakeholder interactions, through the use of Internet sites, mobile apps, point of purchase systems, and other electronic exchanges of information.
As companies and other organizations move more of their systems and processes online—and the sensitive data that goes along with them—the need to secure those systems will continue to grow. Increasingly, many of these organizations and their customers are relying on mobile technologies to exchange information.
Think about how much information is now available online, from bank account data, credit card numbers, purchases, and personally identifiable information (PII). Securing this information usually only becomes a priority after people have become victims of cybercrime.
The following graphic summarizes the increasing complexity of cybersecurity.
Why Data Security Is Increasing in Complexity
Massive increase in the number and severity of attacks
Increasing sophistication of hacker methods
Exponential growth in amount of sensitive information stored in electronic formats
Increased cost of suffering a data breach
Increase in the mobility of data from handheld devices, laptops, and tablets
Compliance Requirements
More laws are being drafted that impact the data collection, storage, and security practices of organizations that operate around the world. Some are more restrictive than others, and organizations must be aware of the changing legal environment with regard to information security. Compliance violations can be severe; fines, lawsuits, and even jail time are some possible penalties.
Recommended for you Cloud Environments – an overview
