Securing tomorrow's clouds
Finding the right partner is the key to making cloud use secure for your organisation says Kevin Patel.
Kevin Patel, service assurance technology analyst, Xangati
Cloud computing is revolutionising the IT industry the world over. No longer do individuals or businesses have to purchase expensive servers in order to run their businesses. Instead, an IT company offers to host their software on their servers offering virtual infrastructure to the business as a service. They are then able to access the servers via the internet seamlessly.
There are three models of cloud computing:
- Private cloud - which is privately owned and quite expensive to set up
- Public cloud – open to the public and a cheaper option though considered less secure
- Hybrid cloud – this combination of private and public clouds is considered the best option to work with
Cloud infrastructure provides an awesome opportunity to IT users and businesses, but there are also some limitations as well as new security threats that come along with it. If you are to enjoy a holistic service, your best bet is a virtualised hybrid-cloud infrastructure.
Different cloud architectures
Even though cloud architectures come in many forms, there are only three that are recognised by the industry. They are IaaS (Infrastructure-as-a-service), PaaS (Platform-as-a-Service) and SaaS (Software-as-a-Service).
- Infrastructure as a Service (IaaS) – Here, you simply add empty VDIs to the cloud. They can then be filled with whatever the customer or vendor wants including the OS (Operating System) and CRM (Customer Relationship Management) solution that they are interested in. The physical hardware in this case is abstract, the resource pool can have hard drives, memory modules, network switches and CPUs added from any part of the world.
- Platform as a Service (PaaS) – here the application frameworks served by the cloud understand a programming language or even multiple programming languages. They can also use software that may not necessarily have been developed for use with cloud and they generally do not know how to scale in order to be ready for use with a cloud infrastructure. The OS is usually abstract in this case such that there is no need for hardware maintenance, patches or software conflicts. This is web computing.
- Software as a Service (SaaS) – This model serves a variety of applications used in companies to carry out various tasks. In the past, there was a need for software on the premises but today all of that is abstract. You don't have to worry about network troubleshooting, maintaining hardware, patching the OS, or conflicting software. All you need is the internet. This model looks set to be the prevailing one in the future.
For cloud computing to be embraced security Is the Key
Even though there are other virtualisation issues to be considered, the top among virtualisation problems is security. This is an aspect that each person hoping use the cloud will need to look at critically. Most companies want to know that their data will be secure – at least just as secure as it was while being kept on onsite servers if not more. This calls for enhanced network monitoring as well as virtualisation monitoring to ensure that there is no breach of security.
Cloud security is a complex thing. Attacks that cause Denial of Services can be countered easily and physical breaches are also not likely. However, providing the same level or a greater level of security as that provided by onsite data centres may be challenging. There are new security risks that were not there before and even issues such as compliance are a challenge.
Whereas in the past companies were responsible for their data security, by embracing cloud security, issues have now been transferred to the provider of the cloud services taking control from the company. They become responsible for virtualisation troubleshooting. This means that the company will need to trust that the cloud provider will do a good job of securing the data. Top vendors like Microsoft, Amazon and Google have the finances to provided great security, but this may not be possible for other vendors and extensive due dilligence is advised including scrutiny of service level agreements.
Cloud control: Who manages the cloud