What kind of access controls to cloud servers are important?

ITworld staff

Is it an all-or-nothing proposition?

Answer this Question


3 total
ITworld staff
Vote Up (32)

One place that the cloud vendors are still playing catch up to the mainframe computing world has to do with security policies and access controls. In many cases, access is an all-or-nothing proposition, meaning that once a user authenticates to the cloud, they have the freedom to do a lot of unintentional damage to start and stop a virtual server or make other mayhem inside the entire cloud environment.


Some cloud providers are better about this than others, and allow virtual networks within a particular environment or other means of segregated access for individual users. There are also third-party security tools, such as Hytrust's Appliance for VMware and Reflex Systems vTrust. Both of these allow more granularity so that users can run the applications on a virtual server but not reconfigure or turn off the server itself.


For more Cloud Computing tips, see 12 questions to ask your cloud computing provider

Vote Up (22)

I would like to see granular security over cloud-based storage that integrates with Active Directory. If I'm managing hundreds of users across multiple departments, it's important to make sure that employees can only get into the files that they're allowed to see, and to allow management to take a birds' eye view over the work their employees are producing.

Vote Up (18)

You may want to read this PDF file on controlling cloud data:



"Cloud computing is clearly one of today’s most enticing
technology areas due, at least in part, to its cost-efficiency and
flexibility. However, despite the surge in activity and interest,
there are significant, persistent concerns about cloud computing
that are impeding momentum and will eventually compromise the
vision of cloud computing as a new IT procurement model. In this
paper, we characterize the problems and their impact on adoption.
In addition, and equally importantly, we describe how the
combination of existing research thrusts has the potential to
alleviate many of the concerns impeding adoption. In particular,
we argue that with continued research advances in trusted
computing and computation-supporting encryption, life in the
cloud can be advantageous from a business intelligence standpoint
over the isolated alternative that is more common today."

Ask a question

Join Now or Sign In to ask a question.
Many business users say they're fed up with what they perceive as sluggish IT departments, but cringe at the thought of outsourcing to a managed services provider. However, the rise of BYOD, consumer tech and cloud computing may be clearing a path for change.
But the more Microsoft pushes change, the more enterprises will resist.
Amazon Web Services has increased the number of simultaneous queries its hosted data warehouse Redshift can handle, improving performance in cases where many small queries are now forced to wait.
Salesforce.com recently celebrated its 15th year in existence, and as the SaaS (software-as-a-service) vendor races toward US$5 billion in revenue its influence on the industry is being felt more than ever. At the same time, some signs indicate that Salesforce.com is having a few growing pains, as well as showing some trappings of the mega-vendors it once mocked with its "End of Software" marketing campaign.
Mainframe operators using BMC software may now be able to enjoy the speedy, devops-style development pace that is quickly becoming the norm for customer-facing mobile applications and Internet services.
Mobile office suite Polaris Office now offers a cloud option for storing your documents. But in all the metrics that matter--price, privacy, and functionality--you'd be better served by passing it by.
Some cloud storage providers who hope to be on the leading edge of cloud security adopt a "zero-knowledge" policy in which vendors say it is impossible for customer data to be snooped on. But a recent study by computer scientists at Johns Hopkins University is questioning just how secure those zero knowledge tactics are.
In today's accessible technology roundup: Google wants to embed cameras in contact lenses, Apple gets a patent for a new GUI for touch devices to improve accessibility and a hacker develops a virtual cane for the blind
Borrowing a page from the recently revised Microsoft playbook, development tools maker Telerik has released as open source the bulk of its Kendo software library of components for building Web and mobile applications
Although Exadata is Oracle's most popular and mature "engineered system," some customers implementing the database machine are making mistakes that prevent them from getting the most performance out of the expensive product, according to a veteran of many Exadata projects.
Join us: