The enterprise is clearly poised for a dramatic increase in the use of cloud infrastructure for its standard workloads, and even some mission-critical functions as well. But concerns still linger, most of them related to the lack of visibility that occurs once data and applications cross the firewall.
According to a recent survey by Netwrix, more than 65 percent of enterprises are still concerned with security and 40 percent are worried about loss of data control in the cloud. Both of these issues, the company says, stem from the fact that organizations cannot “see” what is happening on third-party infrastructure and therefore cannot tell if they are receiving adequate protection or even the full levels of service and support they are paying for. In all likelihood, organizations will increase their dependence on the cloud regardless, but migrations would move even faster if functions like visibility and auditing of cloud agreements were improved.
Help may be on the way in the form of new visibility services, however. Intel recently announced that its new Snap data telemetry framework has been released as an open source platform, allowing enterprises to improve visibility across data center and cloud infrastructure. The system aims to improve workload scheduling and management by harnessing the full data environment under a unified platform that simplifies collection, ingestion and analysis telemetry data while supporting both machine learning and cluster control of underlying infrastructure capabilities. In this way, the enterprise is able to maintain control of its environment even as it scales into the cloud or changes dynamically to suit shifting operational needs.
Improved visibility can also turn the tables on hackers, says Gigamon CTO Shehzad Merchant. To date, most malicious code has been centered on bombardment, as in DoS attacks, he tells CSO Online, which means they only have to defeat one set of defenses. Today’s stealthier malware thrives by not being detected, which means it has to defeat many layers of protection on a continual basis. This gives the enterprise an advantage because discovery on just one layer is enough to disclose the attack and then eliminate it before critical systems and data are compromised. Still, visibility will have to be extensive, spanning physical, virtual and cloud infrastructure, in order to increase the chances of detection.
Visibility will also help the enterprise combat shadow IT by improving the tracking and dissemination of data across both sanctioned and unsanctioned applications and infrastructure. A company called ManagedMethods recently released the Cloud Access Monitor that provides non-intrusive monitoring of application usage, deployment and data consumption, and then couples that with a risk assessment module to help organizations pinpoint potential danger. The system can be deployed on public, private or hybrid infrastructure and extends beyond mere log entries in favor of granular, deep-packet inspection to track the movement of critical data, such as Social Security numbers, credit data or other personally identifiable information to improve both internal security and external compliance regulations.
The old adage “You can’t manage what you can’t see” holds doubly true for the cloud, but is also made doubly difficult by virtue of not having direct control over all infrastructure that data can touch once it leaves the enterprise data center.
Competitive pressures and the emerging digital economy will force many organizations to increase their reliance on third-party infrastructure as the second half of the decade plays out. But there is no reason why any enterprise should go into such a potentially dangerous environment with blinders on.
Arthur Cole writes about infrastructure for IT Business Edge. Cole has been covering the high-tech media and computing industries for more than 20 years, having served as editor of TV Technology, Video Technology News, Internet News and Multimedia Weekly. His contributions have appeared in Communications Today and Enterprise Networking Planet and as web content for numerous high-tech clients like TwinStrata and Carpathia. Follow Art on Twitter @acole602.