Cloud Security – Is The Cloud Insecure?

Cloud Security – Is The Cloud Insecure?



Cloud security is on the top of every CIO’s mind. Apparently some people even consider that cloud risks outweigh cloud benefits.  Unfortunately, an overzealous approach to cloud security can lead to arguments that detract from the real issues, with little to no analysis of the specific problems at hand.

Cloud security issues

  • Separation of duties Your existing company probably has separate application, networking and platform teams. The cloud may force a consolidation of these user groups. For example, in many companies the EC2 administrators are application programmers, have access to Security Groups (firewall) and can also spin up and take down virtual servers.
  • Home access to your servers Corporate environments are usually administered on-premise or through a VPN with two-factor authentication. Strict access controls are usually forgotten for the cloud, allowing administrators to access your cloud’s control panel from home and make changes as they see fit. Note further that cloud access keys/accounts may remain available to people who leave or get fired from your company, making home access an even bigger concern…
  • Difficulty in validating security Corporation are used to stringent access and audit controls for on-premise services, but maintaining and validating what’s happening in the cloud can become a secondary concern. This can lead some companies to lose track of the exact security posture of their cloud environments.
  • Appliances and specialized tools do not support the cloud Specialized tools may not be able to go into the cloud. For example, you may have Network Intrusion Detection appliances sitting in front of on-premise servers, and you will not be able to move such specialized boxes into the cloud. A move to Virtual Appliances may make this less of an issue for future cloud deployments.
  • Legislation and Regulations Cross border issues are a big challenge in the cloud. Privacy concerns may forbid certain user data from leaving your country, while foreign legislation may become an unneeded new challenge for your business. For example, a European business running systems on American soil may open themselves up to Patriot Act regulations.
  • Organizational processes Who has access to the cloud and what can they do? Can someone spin up an Extra Large machine and install their own software? How do you backup and restore data? Will you start replicating processes within your company simply because you’ve got a separate cloud infrastructure? Many companies are simply not familiar enough with the cloud to create the processes necessary for secure cloud operations.
  • Auditing challenges Any auditing activities that you normally undertake may be complicated if data is in the cloud. A good example is PCI — Can you actually prove that CC data is always within your control, even if it’s hosted outside of your environment somewhere in the cloud ether?
  • Public/private connectivity is a challenge Do you ever need to mix data between your public and private environments? It can become a challenge to send data between these two environments, and to do so securely. New technologies for cloud impedance matching may help.
  • Monitoring and logging You will likely have central systems monitoring your internal environment and collecting logs from your servers. Will you be able to achieve those same monitoring and log collection activities if you run servers off-premise?
  • Penetration testing Some companies run periodic penetration testing activities directly on public infrastructure. Cloud environments may not be as amenable to ‘hacking’ type activities from taking place on cloud infrastructure that they provide.

By Simon Ellis,

Simon is the owner of LabSlice, a new startup that allows companies to distribute Virtual Demos using the cloud.

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

POPULAR ARCHIVE

Most Active Internet Of Things Investors In The Last 5 Years

By CloudTweaks

Most Active Internet Of Things Investors A recent BI Intelligence report claimed that the Internet of Things (IoT) is on its way to becoming the largest device market in the world. Quite naturally, such exponential growth of the IoT market has prompted a number of high-profile corporate investors and smart money VCs to bet highly on this comparatively still nascent industry. A recently discovered CB Insight report via Twitter stated that the funding of  IoT startups has…

Cloud Infographic – Disaster Recovery

By CloudTweaks

Disaster Recovery Business downtime can be detrimental without a proper disaster recovery plan in place. Only 6% of businesses that experience downtime without a plan will survive long term. Less than half of all businesses that experience a disaster are likely to reopen their doors. There are many causes of data loss and downtime — UPS battery failure, human error, exceeding UPS capacity, cyber attacks, and IT equipment failure, just to name a few —…

Big Data and Financial Services – Security Threat or Massive Opportunity?

By CloudTweaks

Big Data and Financial Services Cloud Banking Insights Series focuses on big data in the financial services industry and whether it is a security threat or actually a massive opportunity. How does big data fit into an overall cloud strategy? Most FI’s have a positive mind-set towards cloud IT consumption as it not only enables saving across IT investment but frees up precious resource and surplus so  FI’s  can invest in customer centric activity. Financial…

Thought Leadership Program

Bring your insight and experience into the forefront of a growing technology community. Generate interest and have your articles viewed and shared by thousands of readers...