Cloud security is in a state of flux. Actually it’s not really, but discussion is rife across the industry regarding the general state of cloud data and application welfare. Questions flutter around whether particular services are secure, whether multi-tenant clouds can be locked down and whether “spun down” instances of cloud servers will remain secure so that old customer data is deleted and non-accessible.
Where are we headed with the general consensus on cloud security just now?
Of course we should start out from first principles and look to comments made the big name cloud providers who have pointed out that the cloud is only as secure as the controls you place upon it, i.e., virtualized hosting services do not come with “security included” as some sort of free gift… and so a cloud server is really just a server but delivered as a service.