Cloud Computing Could Solve Security Skills Crisis

Cloud computing is an opportunity to improve security, especially in a world where security skills are in short supply, according to industry bodies in IT security.

“The first response to cloud computing has been ‘you can’t use that because it is insecure’, but it is an opportunity,” said John Colley, managing director EMEA of the information security non-profit organisation (ISC)2.

Organisations have different generations of security awareness amongst their staff, and moving to a cloud-based environment could allow them to “catch up” with current practice, while remaining secure, he said.

Cloud security has been a hot topic in recent months, with Google arguing the cloud is more secure, but users still perceive it to be less secure than in-house IT.

Google and other cloud providers have been criticised for not being open enough about issures such as where data is held, but this will change as services mature, said Colley, in a meeting at the RSA Conference in London.

Cloud might be a way forward for companies short of staff with security skills, who are transitioning to new ways of using IT, the meeting heard. Companies now have a younger generation of staff expecting to use web tools all the time who might over-share, while their older staff are in “catch-up” mode, and might make elementary security errors with unfamiliar tools.

Cloud services could provide a safe environment to prevent both these errors, the meeting heard.

“The business benefit is that you don’t have to be an IT shop. You can now have strong authentication, and full encryption,” said Prof. Howard A. Schmidt, President of the InformationSecurity Forum, a member organisation for firms concerned over data security.

ISF has addressed cloud providers over concerns raised by 300 of its members, and Schmidt has been impressed by the answers given.

“The big players will have contractual agreements that meet security needs,” said Schmidt, countering fears that cloud provider are simply telling usrs to trust them blindly..

Earlier this year, the Jericho Forum also studied the implications of cloud security. Among other issues, providers will have to provide sufficient proof o their procedures so their customers can prove they meet legal obligations.

Peter Judge recently chaired a webinar on the subject “Are Clouds Compliant?”

Peter Judge

Peter Judge has been involved with tech B2B publishing in the UK for many years, working at Ziff-Davis, ZDNet, IDG and Reed. His main interests are networking security, mobility and cloud

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

3 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

3 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

3 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

4 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

4 days ago