The strategy and practice of safety in any organization or environment domain, real or virtual, must be formulated and implemented through a holistic approach that integrates all its peculiarities, physical, logical and people without forgetting the processes, standards, procedures covering both protection and security of data, information, intelligence, knowledge, etc, i.e. all the intangible assets of the organization is in the cloud or real spaces. When the issue of data security and information in Cloud Computing addresses must distinguish two distinct aspects but, however, closely related. On the one hand is the protection of data, mainly with regard to privacy, while the other is the security of information in various forms against loss, theft and tampering. In the first case, regarding the protection of data in a Cloud environment it is necessary to remember that, regardless of the chosen type (private or private, public or hybrid) the user or client usually does not know what is the physical location where they are stored therefore is not in a position to know the type of rules applicable in this area, or their compatibility with their country of residence or headquarters.
In this regard it should be remembered that European Community legislation is very strict in these cases. For example, in terms of maintaining the property entrusted to a third party who can not disclose without the consent of the client, while in some countries the protection of such data becomes the responsibility of the service provider data local laws apply. In this context we see as a result of the appearance of the famous case Snowden, revealing investigations of the U.S. NSA, acquired wide notoriety the Patriot Act in the United States that allows security agencies of this country unfettered access to data deposited or managed in their territory without inform their owners. And if we expand the field we can see that other countries are located where many virtual data centers that currently exist (Russia, India, China, etc.). Guarantees do they offer adequate data protection.
If meanwhile consider the second case, referred to information security, Cloud your goal should be the same as in other settings, or respect to known principles ensuring its confidentiality, integrity and availability. In this sense the actors, agents and measures are the same as in distributed environments traditional or classic but increased due to the specific characteristics of virtuality and Cloud.
Considering these threats, it is logical to conclude that as it becomes increasingly using the cloud as not only store data but also, and especially, as a provider of applications, services, infrastructure and platforms, will progressively becoming a greater object of desire for different agents acting illegally in the network. To know more about cloud security, International institute of cyber security provides Cloud Security in Mexico training and services in Mexico. Posted by webimpritns