Security And Management In The Cloud

Security And Management In The Cloud

Though there are various challenges involved in maintaining a cloud service, one of the major challenges that organizations face is security management. The advent of global computing represents cloud computing in totality. This has transcended boundaries, not just nationally, but also internationally.

This same globalization is another challenge that has emerged for cloud technology, because traditional security models do not apply in the cloud infrastructure. Let us take, for example, firewall infrastructure. The very invention of firewalls in traditional systems was meant to provide “blocking-security” for single hardware devices. However, with cloud computing models, the very definition of this is thrown out of the window. The cloud itself is outside these defined perimeters, and there need to be device-separated regimes for cloud security management. Traditional IT regimes work less on this kind of infrastructure and are not quite practical. Since we are making massive changes in the infrastructure, changes are also needed in security management.

Why is it difficult to maintain security on the cloud?

Security is made difficult by the fact that the infrastructure is not owned by the party itself – it is somebody else who owns the entire infrastructure. Hence, it is difficult to get changes in security implemented as you try to scale the rest of your IT infrastructure. If these two growths are not in complete synchronization with each other, there are bound to be holes in the coverage and gaps that are difficult to seal down.

Automating firewall management clouds

This is not just a possibility; it is essential. There is a high degree of elasticity associated with cloud infrastructure – be it public, private or hybrid. As a result, security is essential and must be deployed on the basic cloud server. If you are taking a third-party cloud, you must insist on a security check at the cloud server level. Time-based controls, which close ports such as RDP, etc. and open only when there is a demand, are a good option. This ensures that your servers are always secured, and since you have the security server on your own side, the policies can be easily coupled with your infrastructure.

Should one take a hybrid approach to security solutions?

There are various reasons why the hybrid approach is perhaps not a good one. Most traditional security methods do not exist for the cloud. Also, the entire process of securing your cloud infrastructure is quite different from securing traditional IT infrastructure. Many server admin ports such as SSH, etc., are left open in traditional infrastructure. This is because the server sits behind the corporate infrastructure, and there is abundant security and less risk.

However, this is not possible with the cloud, as everything is so elastic that there are no fixed perimeters. In this case, therefore, admin ports cannot be left open as they were in the traditional case. There needs to be a custom solution for this which is different for every different cloud. The need of the hour, however, is to realize the importance of these custom security management systems to the cloud.

By Kaamil Nakhasi

Sorry, comments are closed for this post.

The Modular Drone Concept In Action

The Modular Drone Concept In Action

The Modular Drone Concept As the Internet of Things (IoT) world explodes around us, it is interesting to think about new ways of solving old problems. For example, drones allow for a potential solutions to a number of long-standing problems. Aerial drones that can carry modules are appearing. These new modular drones have a number…

Why Cloud Compliance Doesn’t Need To Be So Overly Complicated

Why Cloud Compliance Doesn’t Need To Be So Overly Complicated

Cloud Compliance  Regulatory compliance is an issue that has not only weighed heavily on the minds of executives, security and audit teams, but also today, even end users. Public cloud adds more complexity when varying degrees of infrastructure (depending on the cloud model) and data fall out of the hands of the company and into…

Encrypting Your Cloud Data For Extra Protection

Encrypting Your Cloud Data For Extra Protection

Encrypting Your Cloud Data Encrypting data is one of the best ways of protecting your data as it moves to the cloud. The only thing better than encrypting your data, is not storing your data at all. Let’s first look at the case of using file sharing applications such as Dropbox. If you are the…

The Conflict Of Net Neutrality And DDoS-Attacks!

The Conflict Of Net Neutrality And DDoS-Attacks!

The Conflict Of Net Neutrality And DDoS-Attacks! So we are all cheering as the FCC last week made the right choice in upholding the principle of net neutrality! For the general public it is a given that an ISP should be allowed to charge for bandwidth and Internet access but never to block or somehow…

Will Your Internet of Things Device Testify Against You?

Will Your Internet of Things Device Testify Against You?

Will Your Internet of Things Device Testify Imagine this:  Your wearable device is subpoenaed to testify against you.  You were driving when you were over the legal alcohol limit and data from a smart Breathalyzer device is used against you. Some might argue that such a use case could potentially safeguard society. However, it poses…

Shadow IT To Remain A Focus For Both Cloud Vendors And CIOs

Shadow IT To Remain A Focus For Both Cloud Vendors And CIOs

Shadow IT To Remain A Focus Shadow IT, a phenomenon defined as building internal IT systems without the official organizational approval has been a growing concern for CIOs over the last few years. In 2015, it climbed to the top of the list of the emerging IT threats, with as much as 83% CIOs reporting…

How IRM Makes Cloud-Based File Collaboration “Security-Aware”

How IRM Makes Cloud-Based File Collaboration “Security-Aware”

IRM Cloud-Based File Collaboration  Data breaches and data loss due to insider threats, including malicious insiders stealing, manipulating or destroying data, are the fastest-growing risks that keep managers up at night, according to new research by Ernst & Young. How can we ensure that the right people in an organization have the right access to…

CloudTweaks is recognized as one of the leading influencers in cloud computing, infosec, big data and the internet of things (IoT) information. Our goal is to continue to build our growing information portal by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Sponsor