We often hear executives in various companies talk about IT security. Especially when it comes to Cloud Computing, security is a major topic. Many IT leaders and CIOs are afraid of Cloud Computing when it comes to security. To find out about security in the Cloud, we have to discuss what elements of IT security are necessary to Cloud Computing. The 6 elements of IT security are called “ACACIA”.
Availability says that all Elements within an IT landscape must be available. Users shouldn’t be limited by outages or similar things. If we talk about the Cloud, we need to handle this with failover systems, such as different availability zones.
This means that the IT landscape is fully operational and there are no alien servers – which, for instance, could have been added by competitors or hackers. It could also happen that some malware is installed. Therefore, it is necessary to protect your Cloud-based infrastructure, as you would do it with your on-premise devices.
Only those people, that fulfil certain requirements, are allowed to administer or use certain services. If a user is not part of the HR department, the user should not use this section in the intranet.
In many cases, users should have the possibility to use certain anonymity sites. For instance, when it comes to voting, nobody wants to be listed in a Database. Therefore, anonymity must be provided for certain tasks.
If two systems communicate with each other, it is necessary to know that sender as well as receiver are in the correct position. An error to authenticity could occur, if an enemy system knows the means of communication and “catches” messages, modifies them and handles them over to the intended receiver.
This means that the IT-System is lawful and everything is done in a way that local as well as international law requires.