Grounded in the Cloud
Showing results for 
Search instead for 
Do you mean 

What are we trying to protect in Cloud Computing?

RyanKo on ‎08-16-2011 05:22 PM

We often hear about Cloud computing being a “change in paradigm” in information technology. Some mention the ‘pay-per-use’ mode of usage, while others talk about the ‘elasticity of resources’. However, from the security and trust perspective, one subtle but significant paradigm change is often left unnoticed. And that is the shift from the focus on systems to the focus on data.


What does this mean? In the past, IT owned systems and were responsible for the upgrading, maintenance and the security of these systems. However, with public Cloud computing, systems are owned and maintained by Cloud service providers and no longer by individuals or enterprises. Since they do not own these systems, end-users do not treat them as top-priority assets and naturally are less concerned about their health and integrity.


As a result, Cloud computing end-users have only one real asset left to protect: their data. When using public Clouds, end-users transfer their data into the hands of the Cloud providers. This perceived transfer of control is also the reason why there is resistance amongst industries handling sensitive data (e.g. public sector, healthcare, etc) to move into public Cloud technologies.


With an awareness of the data movements and information lifecycles in the Cloud, there will be a strong basis to mitigate several concerns about data leakage and loss in the Cloud. I did a simple poll during a recent Cloud computing workshop asking attendees which do they wish Cloud providers to protect more? Data or systems? You know the answer.

About the Author


Dr. Ryan K L Ko is a researcher with the Cloud and Security Lab, HP Labs Singapore. He currently leads HP Labs' TrustCloud project and Cloud Security Alliance's Cloud Data Governance Working Group.

JudyRedman on ‎08-17-2011 08:27 AM

Hello, Ryan:  I’m a fan of the work your team is doing on TrustCloud and wrote about it in a recent post entitled  “Keys to Achieving Trust and Accountability in the Cloud”  that might be of interest to those reading this post.  

I’m looking forward to more posts from you on the great work being done at HP Labs Singapore.   JR

RyanKo on ‎08-18-2011 09:32 AM

Thanks Judy for your kind support! 

Nadhan on ‎08-18-2011 02:53 PM

Ryan: It is no surprise that data is the key asset being protected in the Cloud.  One of the "Rights" I call out in the Cloud Transformation Bill of Rights is the "Right Application".  You will see that three out of five characteristics that define the "Right Application" have to do with -- you guessed it -- data.

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
1-3 December 2015
Discover 2015 London
Discover 2015 in London, the ultimate showcase technology event for business and IT professionals to learn, connect, and grow.
Read more
November 2015
Software Online Expert Days
Join us online to talk directly with our Software experts.
Read more
View all