UP TO 50% OFF on Combo Courses!

Public cloud vs Private cloud: Security challenges

Cloud” is yet another new kid on the block and is definitely turning heads in the tech world. Cloud service providers like AWS, Microsoft Azure, Google cloud platform (GCP) along with others have taken the technology world by storm. As businesses grow they need more resources to expand – more power, more hardware, more software and everything is needed to grow.

The “cloud” comes to the rescue here as it helps the organization deal with more data centers, more infrastructure and management of them all.

The “cloud” today, is no longer a foreign entity and it is an absolutely necessary component of every organization. Once an organization moves its services to the cloud, it can deal better with issues such as scalability, downtime, remote working and monetary issues.

According to one report “77% of enterprises have at least one application or a portion of their enterprise computing infrastructure in the cloud…” (Organisations are cutting costs by moving to the cloud) and this number is expected to increase to 83% by 2020.

What is a ‘public cloud’?

In a ‘public cloud’ environment, your data is stored on a public data center and the management and maintenance of the data center is the responsibility of the cloud provider. In a ‘public cloud’ environment, the user pays for the services that they use. As an example, if an organization just needs storage, then they can opt and pay for that service alone. The different services on a public cloud are dispatched via the Internet to the particular organization.

Since an organization’s most prized data in a public cloud is stored in a heterogeneous environment along with data from other organizations, security of data in a public cloud is often not trusted and is subjected to breaches and attacks.

The public cloud environment is never known particularly for security and hence if any organization is dealing with highly sensitive information like credit/debit numbers, healthcare data and other critical information – it will be good to move to a private cloud.

What is a ‘private cloud’?

In a “private cloud” environment, the hosting cloud solution is placed on the company’s intranet and placed behind a firewall. In this type of environment, the management and maintenance of the data centers and other infrastructure has to be done by the organization itself. However, since the data is on the company’s intranet, security is much more a reality and better trusted.

In a “private cloud”, you own the services like the infrastructure and data centers and you offer these services to your customers and clients.

Cloud concerns:

According to the 2019 ‘Cloud security report’ produced by ‘Cybersecurity Insiders’ these are some of the top cloud security concerns:

  1. Understandably, 64% fear of organizations ‘Data loss/leakage’
  2. 62% fear ‘Data privacy/confidentiality’ issues and
  3. 39% fear legal and regulatory compliance issues

In addition, these are the biggest cloud security threats faced by organizations:

  1. 42% of organizations fear unauthorized access of their data
  2. 42% fear insecure interfaces and APIs and
  3. 40% fear misconfiguration of cloud platform (Cloud Security Report)

Cloud computing and security have acquired a lot of importance and significance in today’s world that there has been a new certification introduced in 2015 by (ISC)2 known as CCSP(Certified Cloud security professional) certification.

The CCSP certification is offered by InfoSec Train – do enroll in it today and climb higher in the InfoSecurity career ladder!


Cloud Security Report. (n.d.). Retrieved from https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/reports/2019-cloud-security-report.pdf

Organisations are cutting costs by moving to the cloud. (n.d.). Retrieved from nccgroup.trust: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2019/august/blog-organisations-are-saving-by-moving-to-the-cloud/

Jayanthi Manikandan ( )
Cyber Security Analyst
Jayanthi Manikandan has a Master’s degree in Information systems with a specialization in Information Assurance from Walsh college, Detroit, MI. She is passionate about Information security and has been writing about it for the past 6 years. She is currently ‘Security researcher at InfoSec train.