There was a felt need for standardised practices in cloud management as public, private and hybrid clouds gained popularity. Over the decades, a few standards have emerged and there are many more in the pipeline. Reputed cloud service developers and enablers like Asigra constantly update their software to include new tools that help IT managers and CIOs retain control over their data, maintain security of the systems, and manage their users efficiently. Here are a few cloud tools that help IT managers in their quest for data control.
The cloud democratises computing. While this is good for business, it creates a few headaches for the management. For instance, mobile and remote users can upload or download data from wherever they are, with whatever device they have on hand without obtaining permissions from the IT Administrator. The security of the information, the type of applications in use on the connecting device, and so forth, can create security problems that the Administrator must anticipate and provide for. It follows that there is an urgent need for policies and procedures that enforce access boundaries and user permissions, and for tools that enable the Administrator implement these policies and procedures.
A number of cloud service providers use software agents with administrative dashboards that equip the manager with the necessary tools for creating and managing users, who have the necessary company-defined rights and permissions to access the network, and perform some or all operations on the data that they access.
The cloud entrusts data to third party servers. As a consequence, IT managers worry about security. The cloud addresses a few of these issues by provisioning for layered data security. Most cloud service providers use third party (FIPS-140-2) certified cryptographic algorithms to encrypt data. These algorithms are often described as bank grade or military grade and generally use AES 128,192 or 256 or Blowfish that have proven to be impregnable to date. The symmetric keys that are used are often user defined and private keys that can remain secure with the data owner.
The third party service provider does not have access to the content of the data store that is hosted on their cloud server as a result of the encryption. Security and availability of data is further strengthened with the institution of “as is” replication and disaster recovery systems and guarantees that the information will not be accessed by the service provider or their associates at any time. Managers can recover or purge the information contained in the cloud service stores at any time they wish to rescind from the contract using tools provided for the purpose.
