Do You Trust Your Public Cloud Provider?
Posted by finid
on June 17, 2011
Category : Commentary
Tags : cloud computing
Cloud computing is all the buzz, but if you use a public cloud provider, do you trust the outfit? According to anecdotal evidence, the trust percentage is not very high. Matthew Gardiner has a few suggestions that public cloud providers may take to improve their trustworthiness.
The first step is to:
Avoid being a black box, in particular for security and “ability” related systems and processes. I am not saying public cloud providers should publicly disclose everything and risk elevating their vulnerability levels, but they should give as much control and visibility to their customers as possible over the customer’s own services, systems and processes that they are delivering for them. The systems and processes within their services should not be a secret. Control or visibility of the customers’ services should move all the way up the application stack – from the network, through the storage, servers, applications, and data.
People tend to trust those that don’t appear to be hiding anything, and thus transparency by cloud providers can help foster trust. Audits can also serve as vehicles to gain trust – whether they are done by third parties or by the customers themselves.