As more and more companies embrace cloud computing for their IT
business needs, the question becomes how secure is the data that in
some cases may reside thousands of miles away?
A company using SAAS (software as a service) CRM, ERP or data backup
applications not only wants to be sure the data outside its network
perimeter is secure but also that the myriad access points to the
information are well-guarded and resistant to tampering or intrusion.
The same goes for environments where applications are hosted in the
cloud but modified at a customer’s location for specific uses.
"As with anything Web-based, there are many challenges with securing IT
environments operating within, or as part of, a cloud computing
infrastructure," says Gunter Ollman, chief security strategist at IBM
Internet Security Systems.
Is all this talk about cloud computing just a lot of condensed air? Read about it here.
The challenges, Ollman adds, include making sure that security follows
"workloads," or data, as they move around the cloud; securing domains
at the network, server and storage levels; and identifying and managing
users and administrators of the cloud infrastructure to put the right
controls in place.
Doug Howard, chief strategy officer at Perimeter eSecurity, a provider
of security-in-the cloud services, says the cloud security challenge
arises from the multi-tenant environments built by technology providers
to meet customer requirements that differ from company to company.
Providers rely on public application program interfaces (APIs) to
integrate with customer systems. "This creates a situation where the
bad guys now have an easy way of exploiting vulnerabilities within the
service that will apply across the entire platform and against all
customers," he says.
Handling the complexity
There is plenty of complexity to contend with, as data moves between
various access points. Transmissions take place between data centers
where applications reside, or information is stored and backed up, and
the corporate users who are accessing data from within firewalls or
through VPNs. A variety of third parties, such as suppliers, partners
and customers, have access to some of that information.
"The security challenge with cloud computing is the massive amount of
variables introduced," says Chris Squier, a tech support engineer at IT
distributor Ingram Micro. "Liken it to sci-fi, and the first astronaut
who lands on an uncharted alien planet. What’s out there? How can we
use our very limited knowns to protect against massive unknowns, like
being eaten by the foliage? Can we protect that astronaut?"