Securing the Cloud: How Safe Is that Data?By Pedro Pereira | Posted 2008-12-04 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
Cloud computing and SAAS models increase the complexity of securing data, which creates both a challenge and an opportunity for solution providers.
As more and more companies embrace cloud computing for their IT business needs, the question becomes how secure is the data that in some cases may reside thousands of miles away?
A company using SAAS (software as a service) CRM, ERP or data backup
applications not only wants to be sure the data outside its network
perimeter is secure but also that the myriad access points to the
information are well-guarded and resistant to tampering or intrusion.
The same goes for environments where applications are hosted in the
cloud but modified at a customer's location for specific uses.
"As with anything Web-based, there are many challenges with securing IT environments operating within, or as part of, a cloud computing infrastructure," says Gunter Ollman, chief security strategist at IBM Internet Security Systems.
Is all this talk about cloud computing just a lot of condensed air? Read about it here.
The challenges, Ollman adds, include making sure that security follows "workloads," or data, as they move around the cloud; securing domains at the network, server and storage levels; and identifying and managing users and administrators of the cloud infrastructure to put the right controls in place.
Doug Howard, chief strategy officer at Perimeter eSecurity, a provider of security-in-the cloud services, says the cloud security challenge arises from the multi-tenant environments built by technology providers to meet customer requirements that differ from company to company.
Providers rely on public application program interfaces (APIs) to integrate with customer systems. "This creates a situation where the bad guys now have an easy way of exploiting vulnerabilities within the service that will apply across the entire platform and against all customers," he says.
Handling the complexity
There is plenty of complexity to contend with, as data moves between
various access points. Transmissions take place between data centers
where applications reside, or information is stored and backed up, and
the corporate users who are accessing data from within firewalls or
through VPNs. A variety of third parties, such as suppliers, partners
and customers, have access to some of that information.
"The security challenge with cloud computing is the massive amount of variables introduced," says Chris Squier, a tech support engineer at IT distributor Ingram Micro. "Liken it to sci-fi, and the first astronaut who lands on an uncharted alien planet. What's out there? How can we use our very limited knowns to protect against massive unknowns, like being eaten by the foliage? Can we protect that astronaut?"