Get a free application, infrastructure and malware scan report - Scan Your Website Now

Subscribe to our Newsletter
Try AppTrana WAAP (WAF)
Managed WAF Start at $99

Is Cloud Secure?

Posted DateOctober 1, 2014
Posted Time 3   min Read

So, we are in the business of securing people’s applications, have hundreds of customer who trust us for improving the security posture of their web assets. We have been around for a while and many of our customer have been around much longer than us. In other words these serious enterprises across BFSI (Banking, Financial services and Insurance), large conglomerates with diverse businesses, Government entities and retails (both online and brick-and-mortar) have legacy infrastructure. These are #1 or #2 players in their own verticals and industries, these businesses have serious infrastructure requirements and have undoubtedly started looking at Cloud.

Aaha the mythical cloud, utopia it promises and all the benefits. But for the fact that is is not mythical at all, no sir, not at all. Cloud is as real as the hard-drive in your laptop. Today, IT departments are thinking about a “Cloud Strategy” in few quarters – yes quarters, you read that right – your Cloud Strategy will be your STRATEGY. Cloud would be so prevalent and in-you-face that you will not ask the question of “if” when talking about cloud, you will only plan the “When and How, or how fast” part of the strategy.

As someone graduates to being a believer of Cloudism, shall we call them a newly minted Cloudist. Some Cloudist start doubting the “security” of their newly subscribed infrastructure religion. They wonder “Is cloud secure”, start getting cold feet about letting go of their old “on premise” religions. They wonder whether they will be as secure as they used to be in the dark ages rules by “on premise-ism”.

I say, “In Cloud we Trust”.

Is Cloud Secure?, that question is a blasphemy, it is sac-religious, it is a crime to think about security in that manner. Accept it, it is plain dumb to think about just one aspect of a complex decision like cloud, isolation is anti-cloudism. It is like asking “is travel by car safe”, well it depends on:

  1. Your driver – if he has had five accidents in last week, you better rethink. OR
  2. The make and model of the car – I feel much safer personally if it was a Volvo. OR
  3. The road – I will pass on travel by car in Iraq this year, or decade. Thank you very much.

Don’t ask if the “Cloud is Secure”, dig deeper, look at the cloud provider’s track record, understand the security policies in place, review the third party certifications and audits that they have done. Have they thought about security at all the layers? Are they operating fully redundant, highly encrypted and fortified storage systems? Are they fanatical about physical security of the datacenter assets? What is their disaster recovery strategy? What happens if their vendors go out of business, will your cloud vendor be able to still deliver the data that was backed up on their tape storage? Do they hire people with verifiable and clean backgrounds? How about their application layer security?

I doubt if any enterprise that is not focused on “Cloud infrastructure” can secure your infrastructure as well as the professionals at most leading cloud vendors of the day. That includes your own operations folks too. However well-meaning and capable they maybe, do not expect them to be Batman or Superman of the infrastructure world. Even if you manage to hire the Yoda of security, can he defend you from the Darth Vader of cyber espionage?

You are better off relying on the “highly trained and focused security professionals at leading cloud providers”, why DIY (Do-it-yourself) when you have a DIFM (do-it-for-me) option available in terms of outsourcing your infrastructure. Look into it, I am sure it will be cheaper and definitely more secure.

So next time, a cloudist is in doubt, just clam them and say “In Cloud we Trust”.

Stay tuned for more relevant and interesting security updates. Follow Indusface on FacebookTwitter, and LinkedIn

web application security banner

Spread the love

Join 47000+ Security Leaders

Get weekly tips on blocking ransomware, DDoS and bot attacks and Zero-day threats.

We're committed to your privacy. indusface uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.

Related Posts

Cloud AppSec Measures
10 Ways to Implement AppSec Measures for Your Cloud Ecosystem

Secure your cloud ecosystem with these 10 AppSec measures. Learn how to implement robust security measures to protect your data

Spread the love

Read More
Cloud Security Trends 2022
6 Cloud Security Trends in 2022

The massive increase in cloud adoption will motivate hackers. Explore cloud security trends to secure your cloud environment from breaches.

Spread the love

Read More
cloud security threats
5 Top Cloud Security Threats and Tips to Mitigate Them

Cloud computing has accompanied a new borderless work world, which boosts the free flow of information and open collaborations. This has allowed companies to be more productive and has made.

Spread the love

Read More


Fully Managed SaaS-Based Web Application Security Solution

Get free access to Integrated Application Scanner, Web Application Firewall, DDoS & Bot Mitigation, and CDN for 14 days

Know More Take Free Trial


Indusface is the only cloud WAAP (WAF) vendor with 100% Customer Recommendation for 3 consecutive years.

A Customers’ Choice for 2022 and 2023 - Gartner® Peer Insights™

The reviews and ratings are in!