Answer

To choose the right multi-tenant cloud vendor, ask the right questions

How secure is a multi-tenant cloud? What kinds of questions should we be asking the vendors about being part of a multi-tenant cloud?

    Requires Free Membership to View

The multi-tenancy approach -- in which multiple customers, or "tenants," share a single instance of a software application -- always generates questions about security. Specifically, what each tenant wants to know is: How are things divided to prevent other tenants from being able to access my sensitive information?

The most important thing to ask multi-tenant cloud vendors is whether they have security certifications.

Nearly all public clouds use the multi-tenant model. Cloud providers typically go through extensive and painstaking steps to eliminate security holes that might allow unauthorized access to any tenant's information. Still, there are always concerns about having multiple customers using a shared host. For that reason, some providers, such as Amazon Web Services, are starting to support the concept of a "dedicated instance." This approach allows for the provisioning of an entire server strictly for one tenant's use, which eliminates the concerns that may come up when using virtualized servers.

The most important thing to ask multi-tenant cloud vendors is whether they have security certifications or other external validation of their security levels and practices. Other questions to ask: "How do you make sure other tenants can't access my data? Do you use server-side encryption to prevent anyone else from accessing my data? What sort of regular tests do you run to make sure my information is safe?"

Companies working with medical information should also ensure the multi-tenant cloud provider complies with the requirements of the Health Insurance Portability and Accountability Act.

Of course, the risks associated with relying on a multi-tenant cloud vendor are almost always minimal compared to extra cost and work involved with running your own cloud. Most of these systems are quite secure and run on trusted technology that's either open source or stems from open source software. Generally, the more clients a given cloud vendor has, the more tested it is, and the more you can rely on it to protect your information.

This was first published in September 2013

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Expert Discussion

Does your organization use, or is it considering using, a multi-tenant cloud environment?

Chris Moyer
What's your opinion?
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest