Enabling Cyber Security with Smart Cloud Technologies7 Jun, 2011 By: Dr. Satwant Kaur, HP imageSource
Enabling Cyber Security with Smart Cloud Technologies
There is a need for a Cloud Paradigm. The number of transistors on a chip has exceeded a billion, CPU speeds are now in Gigahertz, and the network speeds are in Gigabits per second. This calls for a paradigm shift in the way we do computing. Cloud provides us that computing model, which brings great benefits to businesses by leveraging these hardware and network technological breakthroughs. Cloud enables the next generation of advancements in IT, and provides communications, services and capabilities.
Inside a Cloud
Cloud consists of global massive data centers, computing platforms, storage, data and e-services. Cloud can provide online services by leveraging its software, platforms, infrastructure and knowledge. It can also provide utility computing, by virtue of its characteristics of transparency, pay as you go, efficiency and on demand availability.
Virtualized infrastructure provided by a Cloud decreases a business’s need for IT in house infrastructure. Cloud computing as a business solution is being embraced by mobile users, consumers, government, corporation and healthcare alike, which can reduce total costs of computing in areas of storage, computing and networking.
Cloud computing can offer virtualized software, infrastructure and platforms in various ways including software as a service (SaaS), infrastructure as a service (IaaS) and platform as a service (PaaS).An example storage Cloud solution is an ecosystem of Coud storage infrastructure, backup and archive solutions, as well as management and support.
Pushing of the critical business information from business premises into the Cloud infrastructures provides enhanced efficiencies, performance, agility, accessibility and cost containment.
Benefits of Cloud Computing
Businesses are moving applications to Cloud. Moving business applications to Cloud and other uses of Cloud give access to virtually limitless data and computing capability, with ready-made growth capability.
Cloud enables outsourcing of infrastructure, software, technical support, and security control. This brings about huge IT savings in the form of reduced data center and other in house IT infrastructure needs.
Desktop devices can now have their operating system, memory and applications virtualized out from Clouds to the device. Cloud computing can reduce the amount of applications on desktops, and replace the fat desktop client by a thin client.
The IT operational efficiencies are based on sophisticated fault tolerance, reducing the mean time to rebuild in comparison to time to repair.
Cloud Computing ensures continuous and instant availability of data by backup in the cloud and eliminates need for continual workstation patching and IT device remediation.
Cyber Security Vulnerabilities in Clouds
Virtualizations provided by Cloud Environments bring about business efficiencies by reducing the IT infrastructure needs; but also present a risk of loss of control of data & resultant increased cyber incidents.
In Cloud based solution, an organization relinquishes direct control of their data and business processes by outsourcing infrastructure.
Some resulting vulnerabilities are listed here:
Insecure Cloud providers Application Programming Interfaces result in insecurities.
To maximize resource utilization and performance, the Cloud architecture shares some underlying hardware, like hard drive, network switches etc. This causes cyber security vulnerabilities.
Separation of roles and role based access to applications, functions, and data can be compromised in a virtualized, Cloud-based infrastructure.
Security Issues emanate both from the physical security of the underlying hardware as well as security of the data in the Cloud.
Malicious Insider threat vector is accentuated in the complex Cloud environment with lesser controls.
Fragmented small Clouds with different security models around authorization and access to Cloud services present challenges with the Cloud data sovereignty, privacy and security.
As applications are moved to Cloud, the challenge is to put IT policies in place to kill dead applications, to “virtualize” the live applications, and then to put these virtualized live applications in Cloud, securely.
Listed Solutions for Cyber Security in Clouds:
Migration to Cloud presents opportunities to fix security holes of past application implementations. This section presents some solutions on cloud technologies that will help reduce the cyber security incidents:
Leverage Cloud computing for stronger end point security and better data protection.
Leverage Cloud Computing for the use of thin clients and the many security benefits they provide.
Leverage Cloud computing for better control over identity management and encryption.
Leverage Cloud Computing open source that enable Cloud like net centric technologies. Example, Linux, MySQL, Hadoop.
Leverage Cloud computing open standards to enable secure and enhanced functionality and increased interoperability in the code, API’s and interfaces. Example, W3C, OASIS, and IETF.
Leverage enhanced data security with clouds. Data stored on Clouds can be encrypted and access provided to only the authorized users.
Ensure Security in hardware as the foundation for secure solutions.
Leverage SSL for Web sites.
Adopt simple encryption.
Force authentication in applications.
Ensure data portability model is not application specific, and is capable of being used by multiple applications. Portability of data can assure security of data by use of secure technologies like encryption.
Maintain confidentiality of storage data in Cloud, by ensuring no sharing of data by cloud providers with third parties or rights for marketing.
Governance by ensuring Cloud provider compliance with regulatory requirements in regards to handling data.
Ensuring Physical Security for Cloud data centers that will be hosting applications and data.
Ensure Logical isolation by appropriate data partitioning on the Cloud servers from data stored by cloud servers for other Cloud users.
Establishing and following uniform legal and industry standards for Cloud computing.
Maintaining internal controls for information critical to the organization or the conduct of business, example: intellectual property or privacy information regarding employees or customers.
Businesses should ensure that their security and audit teams follow the emerging cloud related compliance, auditing, and accountability standards into practice.
Abuse of Cloud Computing as when IaaS provider services are used for botnet attacks. The IP address of hosts sending spam need to be disabled for access.
There is a need for security, data confidentiality, integrity & availability on information and the information infrastructure. It is a balancing act to increase operational effectiveness, reduce costs through IT efficiencies, while also ensuring security, privacy and trust in Cloud Environments.
Dr. Satwant Kaur is a Management & Technology Consultant; book author of “Transitioning Embedded Systems to Intelligent Environments,” and was a platform strategist in the Intel Architecture Group at Intel, CTO of the Emerging Technologies Group at TIBCO Software, Director of Development at Symantec & Chief Technology Architect of Quest Software. She holds a Doctorate in Mobile Internet Protocols sponsored by Nokia Research Center. You can reach her via email at Satwant.Kaur@gmail.com