Is My Public Cloud Too Public? Part 3

Is My Public Cloud Too Public? Part 3

Continued From Part 2

Backup and Recovery

The backup and recovery policies and procedures of a cloud service may be superior to those of the organization and, if copies are maintained in diverse geographic locations, may be more robust. In many circumstances, data maintained within a cloud can be more available, faster to restore, and more reliable than that maintained in a traditional datacenter. Under such conditions, cloud services could also serve as a means for offsite backup storage for an organization’s datacenter in lieu of more traditional tape-based offsite storage.

Data Concentration

Data maintained and processed in the cloud can present less of a risk to an organization with a mobile workforce than having that data dispersed on portable computers or removable media out in the field, where theft and loss of devices routinely occur. Many organizations have already made the transition to supporting access to organizational data from mobile devices in order to improve workflow management and gain other operational efficiencies.

Besides representing a computing platform or substitute for in-house applications, public cloud services can also be focused on providing security for other computing environments:

Datacenter Oriented

Cloud services can be used to improve the security of datacenters. For example, electronic mail can be redirected to a cloud provider via mail exchange (MX) records. The mail data can be examined and analyzed collectively with similar transactions from other datacenters in order to discover widespread spam, phishing, and malware campaigns, and to carry out remedial action (e.g., quarantining suspect messages and content) more comprehensively than a single organization would be able to do.

Cloud Oriented

Cloud services are also available to improve the security of other cloud environments. Cloud-based identity-management services can be used to augment or replace an organization’s directory service for identification and authentication of cloud users.

The not so good news is…

Besides its many potential benefits for security and privacy, public cloud computing also brings with it potential areas of concern compared to the computing environments found in traditional datacenters. Some of the more fundamental concerns include the following:

System Complexity

A public, cloud-computing environment is extremely complex compared to that of a traditional datacenter. Many components comprise a public cloud, resulting in a large attack surface. Besides components for general computing, such as deployed applications, virtual machine monitors, guest virtual machines, data storage, and supporting middleware, there are also components that comprise the management backplane, such as those for self-service, resource metering, quota management, data replication and recovery, workload management, and cloud bursting. Cloud services themselves may also be realized through nesting and layering together with services from other cloud providers. Components change over time as upgrades and feature improvements occur, complicating matters further.

Shared Multi-tenant Environment

Subscribing organizations typically share components and resources with other subscribers that are unknown to them. With threats to network and computing infrastructure increasing and becoming more sophisticated year on year, sharing an infrastructure with unknown outside parties can be a major drawback for some applications. This will require a high level of assurance regarding the strength of the security mechanisms used for logical separation. While not unique to cloud computing, logical separation is a non-trivial problem that is exacerbated by the scale of cloud computing. Access to organizational data and resources could inadvertently be exposed to other subscribers through a configuration or software errors. An attacker could also pose as a subscriber in order to exploit vulnerabilities from within the cloud environment to gain unauthorized access.

Internet-facing Services

Public cloud services are delivered over the Internet, exposing both the administrative interfaces used to self-service an account and the interfaces for users and applications to access other available services. Applications and data previously accessed from the confines of an organization’s intranet that are moved to the cloud face increased risk from network threats that were previously alleviated at the perimeter of the organization’s intranet. Furthermore, after moving these applications and data to the cloud, they are subject to new threats that target exposed interfaces.

Loss of Control

While security and privacy concerns in cloud computing services are similar to those of traditional non-cloud services, they are augmented by external control over organizational assets and the potential for mismanagement of those assets. Migrating to a public cloud requires a transfer of control to the cloud provider over information and system components that were previously under the organization’s direct control. Loss of control over both the physical and logical aspects of the system and data diminishes the organization’s ability to maintain situational awareness, weigh alternatives, set priorities, and effect changes in security and privacy that are in the best interests of the organization.

Compliance

Many businesses are being drawn into using cloud services by its attractive economics, bypassing IT departments to host their applications and data in the cloud directly. This creates several problems for IT organizations with reduced internal and external control. Business activities multiply the IT department’s compliance challenges, even while legal and compliance departments are expecting the IT departments to be able to report on and demonstrate control over sensitive information. Additionally, a cloud provider’s SAS-70 compliance must be carefully assessed by each enterprise customer to see if the certification meets the compliance policy established by their own enterprise.

Portability between public clouds

While cloud computing conveys a promise of open architecture and easy integration, the early cloud offerings have tended to create security “silos”—users need an Amazon account to use Amazon’s EC2 service and a Google account to access AppEngine applications. Enterprises will require information and identity portability between different clouds so that they can mix and match their services in an open, standards-based environment that permits interoperability.

By Gopan Joshi

Gopan is Product Manager: Cloud Computing Services, Netmagic Solutions Pvt. Ltd. and has expertise in managing products and services in various market scenarios and life cycle stages. His experiences ranges from introducing cutting edge innovations in existing products, existing markets to new technology, new markets

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Comic
The Lighter Side Of The Cloud – Data Merge

The Lighter Side Of The Cloud – Data Merge

By Christian Mirra Please feel free to share our comics via social media networks such as Twitter, Facebook, LinkedIn, Instagram, Pinterest. Clear attribution (Twitter example: via @cloudtweaks) to our original comic sources is greatly appreciated.

The Rise Of Threat Intelligence Sharing

The Rise Of Threat Intelligence Sharing

Threat Intelligence Sharing  Security has been discussed often on CloudTweaks and for good reason. It is one of the most sought after topics of information in the technology industry.  It is virtually impossible to wake up and not read a headline that involves the words “Breached, Hacked, Compromised or Extorted (Ransomware)“. Included (below) is an…

Moving Your Email To The Cloud? Beware Of Unintentional Data Spoliation!

Moving Your Email To The Cloud? Beware Of Unintentional Data Spoliation!

Cloud Email Migration In today’s litigious society, preserving your company’s data is a must if you (and your legal team) want to avoid hefty fines for data spoliation. But what about when you move to the cloud? Of course, you’ve probably thought of this already. You’ll have a migration strategy in place and you’ll carefully…

Higher Education Institutions Increasing Cloud Use In Next 5 Years

Higher Education Institutions Increasing Cloud Use In Next 5 Years

Cloud Computing Advancing Edtech In a new research study by ResearchMoz it’s predicted that the global cloud computing market in higher education will grow steadily at a CAGR of 24.57% over the period 2016 to 2020. Making use of computing resources connected by either public or private networks provides the benefits of scalable infrastructure, greater…

Big Data and AI Hold Greatest Promise For Healthcare Technologies

Big Data and AI Hold Greatest Promise For Healthcare Technologies

Digital Healthcare Executives and Investors Addressed Opportunities and Challenges Facing the Industry New York City – September 21, 2016 – According to a survey of 122 founders, executives and investors in health-tech companies released today by Silicon Valley Bank, big data and artificial intelligence will have the greatest impact on the industry in the year ahead. Healthcare…

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

Why Businesses Need Hybrid Solutions Running a cloud server is no longer the novel trend it once was. Now, the cloud is a necessary data tier that allows employees to access vital company data and maintain productivity from anywhere in the world. But it isn’t a perfect system — security and performance issues can quickly…

Four Recurring Revenue Imperatives

Four Recurring Revenue Imperatives

Revenue Imperatives “Follow the money” is always a good piece of advice, but in today’s recurring revenue-driven market, “follow the customer” may be more powerful. Two recurring revenue imperatives highlight the importance of responding to, and cherishing customer interactions. Technology and competitive advantage influence the final two. If you’re part of the movement towards recurring…

The Cancer Moonshot: Collaboration Is Key

The Cancer Moonshot: Collaboration Is Key

Cancer Moonshot In his final State of the Union address in January 2016, President Obama announced a new American “moonshot” effort: finding a cure for cancer. The term “moonshot” comes from one of America’s greatest achievements, the moon landing. If the scientific community can achieve that kind of feat, then surely it can rally around…

Virtual Immersion And The Extension/Expansion Of Virtual Reality

Virtual Immersion And The Extension/Expansion Of Virtual Reality

Virtual Immersion And Virtual Reality This is a term I created (Virtual Immersion). Ah…the sweet smell of Virtual Immersion Success! Virtual Immersion© (VI) an extension/expansion of Virtual Reality to include the senses beyond visual and auditory. Years ago there was a television commercial for a bathing product called Calgon. The tagline of the commercial was Calgon…

What You Need To Know About Choosing A Cloud Service Provider

What You Need To Know About Choosing A Cloud Service Provider

Selecting The Right Cloud Services Provider How to find the right partner for cloud adoption on an enterprise scale The cloud is capable of delivering many benefits, enabling greater collaboration, business agility, and speed to market. Cloud adoption in the enterprise has been growing fast. Worldwide spending on public cloud services will grow at a…

Five Cloud Questions Every CIO Needs To Know How To Answer

Five Cloud Questions Every CIO Needs To Know How To Answer

The Hot Seat Five cloud questions every CIO needs to know how to answer The cloud is a powerful thing, but here in the CloudTweaks community, we already know that. The challenge we have is validating the value it brings to today’s enterprise. Below, let’s review five questions we need to be ready to address…

Explosive Growth Of Data-Driven Marketing

Explosive Growth Of Data-Driven Marketing

Data-Driven Marketing There is an absolute endless amount of data that is being accumulated, dissected, analyzed with the important bits extracted and used for a number of purposes. With the amount of data in the world has already reached into multiple zettabytes annually. A Zettabyte is one million petabytes or one thousand exabytes. With data…

Will Your Internet of Things Device Testify Against You?

Will Your Internet of Things Device Testify Against You?

Will Your Internet of Things Device Testify Imagine this:  Your wearable device is subpoenaed to testify against you.  You were driving when you were over the legal alcohol limit and data from a smart Breathalyzer device is used against you. Some might argue that such a use case could potentially safeguard society. However, it poses…

Utilizing Digital Marketing Techniques Via The Cloud

Utilizing Digital Marketing Techniques Via The Cloud

Digital Marketing Trends In the past, trends in the exceptionally fast-paced digital marketing arena have been quickly adopted or abandoned, keeping marketers and consumers on their toes. 2016 promises a similarly expeditious temperament, with a few new digital marketing offerings taking center stage. According to Gartner’s recent research into Digital Marketing Hubs, brands plan to…

The Storytelling Machine: Big Content and Big Data

The Storytelling Machine: Big Content and Big Data

Bridging The Gap Between Big Content and Big Data Advances in cloud computing, along with the big data movement, have transformed the business IT landscape. Leveraging the cloud, companies are now afforded on demand capacity and mobile accessibility to their business-critical systems and information. At the same time, the amount of structured and unstructured data…

Cloud Infographic – Cloud Computing And SMEs

Cloud Infographic – Cloud Computing And SMEs

Cloud Computing And SMEs SMEs (Small/Medium Sized Enterprises) make up the bulk of businesses today. Most cloud based applications created today are geared toward the SME market. Accounting, Storage, Backup services are just a few of them. According to the European Commission, cloud based technology could help 80% of organisations reduce costs by 10-20%. This infographic provided…