Testing Services provides a platform for QA professionals to discuss and gain insights in to the business value delivered by testing, the best practices and processes that drive it and the emergence of new technologies that will shape the future of this profession.

« Testing Infrastructure - Ignorant or Innocence | Main | STC conference by QAI »

Testing for cloud security - What is the data focus of QA teams (Part 2/3)

In my early blog on testing for cloud security (http://www.infosysblogs.com/testing-services/2011/12/testing_for_cloud_security-_wh.html), I had discussed the security concerns of cloud adoption from an infrastructure standpoint. Now, let us take a look at what would be the focus of cloud security testing from a data perspective. Enterprises are highly concerned about the security of their data in the cloud. They are well aware that any sort of data security breach could lead to non-compliance, resulting in expensive legal law suits that could cause long term damage to the overall credibility of the organization

So from a data perspective, Cloud testing would need to focus on access controls and privileges that would in turn ensure that there are no loop holes for any accidental or intentional misuse of data. As clouds are shared environments which could mean one organizations data would be present along with another organizations data, as a first step, it is absolutely necessary that the data residing on the cloud is tested in isolation. As compliance rules and data privacy regulations vary for every region, special attention needs to be given to this aspect. Data testing on the cloud would also need to lay emphasis on scenarios where data needs to interact with legacy or existing non-cloud applications and scenarios that involve data migration. Ensuring the encryption of data under migration and residing on the cloud is also absolutely essential to ensure no leakages or misuse of data whatsoever.

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Please key in the two words you see in the box to validate your identity as an authentic user and reduce spam.