Top 5: Things to know about cloud security

Knowing the basics of cloud security can help you pick a better cloud provider. Here are five bits of important information.

5 things to know about cloud security

Before you can mount a defense, you need to know what you're defending against. And when your data is in the cloud, defense gets more complex. There's a whole meteorology of cloud risk patterns to analyze, so we're here to help you focus.

SEE: Essential reading for IT leaders: 10 books on cloud computing (free PDF) (TechRepublic)

Here are five cloud security risks you need to know about:

1. Shared space. Yes, your data is supposed to be in its own container, but that virtual container sits on the same physical machine with many others. Good cloud services take steps to prevent other customers from accessing your container.

2. Encryption. Your data should be encrypted at rest and in transit, even when it's being accessed by the cloud service's own applications. Even more often overlooked is what steps cloud providers take when they dispose of your data.

3. Secure transfer. All that encryption means nothing if you access it in an insecure way say with an http command. Make sure your data is always encrypted and authenticated with a standard protocol like IPsec.

4. What about the API? A weak software interface could let someone into all your data, secured or not. Find out what the cloud provider does to lock down its API.

5. The users. We humans are always the weakest point in any security scheme. Find out as much as you can about the people who handle your data for the cloud provider and who at their company has what access. And train your people as best you can not to get phished.

Now you not only know what to be on the lookout for, but you can choose better cloud providers based on how they say they'll deal with these risks

For more on cloud security, check out these articles:

By Tom Merritt

Tom is an award-winning independent tech podcaster and host of regular tech news and information shows. Tom hosts Sword and Laser, a science fiction and fantasy podcast, and book club with Veronica Belmont. He also hosts Daily Tech News Show, coverin...