Businesses installing cloud computing environments risk opening a "Pandora's Box of security nightmares", according to independent security group the Jericho Forum.
The Forum has today launched a document aimed at educating businesses about the security risks associated with moving to a cloud computing model. It described the paper as a "work in progress" and has called on key stakeholders, including end users and vendors, to work with them to establish best practices for securing collaboration in the cloud.
The paper details a Cloud Cube Model that describes various types of cloud computing environments, and the associated security issues.
According to Jericho, security, identity and access management are currently immature in the cloud computing setting, especially when it comes to collaboration between enterprises.
"The cloud approach to organising business can be both more secure and more efficient than the old-style silo structure," said Adrian Seccombe, chief information security officer at pharmaceuticals firm Eli Lilly and Jericho Forum board member.
"On the one hand cloud computing offers a compelling opportunity to achieve a more effective solution, do more with less, and deliver cost savings coupled with extreme flexibility and scalability. Viewed from a different perspective it opens a potential Pandora’s Box of security nightmares, not least of which is loss of data confidentiality and integrity."