Five Best Practices for Cloud Security
Tips on how to better secure your cloud computing environment.
The cloud is widely seen as the key to the handling of rapidly increasing data volumes. Yet, many organizations draw the line at mission-critical applications, citing a severe lack of trust regarding availability and security.
In the coming year, however, expect the burgeoning cloud industry to start challenging that perception with new platforms that aim to be just as reliable and effective, if not more so, than traditional infrastructure.
The ball is already rolling with new cloud portfolios like IBM's SmartCloud. Not only has the company devised multiple flavors of the platform tailored to specific industries, but it also contains service-level agreements and advanced middleware services aimed at mission-critical support. The company intends to ease users onto this level of cloud computing with the SmartCloud Entry starter kits for deployment on private clouds running on System x and Power hardware.
For those looking for a cleaner break between the cloud and underlying hardware, smaller firms are touting both the open nature of their platforms and newly created application-friendly deployment capabilities. GigaSpaces, for example, just released a beta of the Cloudify platform that the company says is engineered for mission-critical apps. The company says it can deploy any middleware stack on any cloud platform while maintaining full control over the entire environment, all without code changes. It also supports virtualized and non-virtualized environments to allow network-sensitive applications to be deployed on bare metal.
Entrusting the crown jewels to someone else's infrastructure still requires a leap of faith, no matter what kind of assurances are on paper. However, it is happening on a limited basis already. UK security firm G4S, for example, just put its cash management application called E-Viper on Azure where it hopes to gain greater failover and availability capability, as well as the flexibility to add users more quickly than under its current management system. At the same time, the firm hopes to cut operating expenses by two-thirds.
As for security, there is a growing chorus of voices arguing that the cloud is, in fact, more secure than in-house infrastructure. Gus Hunt, CTO for the CIA no less, recently told an Amazon Web Services conference that the ability to constantly shift data and applications across all manner of virtual and physical infrastructure presents a tremendous challenge for anyone looking to break in. Sure, the cloud provider has to ensure the integrity of everything up to and including the hypervisor and virtual management stack, but the tools to do that on the cloud are no better or worse than what the CIA or any other organization can deploy in-house. And as long as the transfer between the cloud and the client infrastructure is encrypted over the IPSec tunnel, prying eyes are locked out.
Over time, reliability improved and the operational benefits became too obvious to ignore. The same thing is likely to happen again, once the industry recognizes the fundamental safety of the cloud.