By Neil Lathwood, IT Director, UKFast
The cloud undoubtedly presents new opportunities as discussed in a number of the articles in today’s newsletter. We’d be missing one key concern with cloud however if we did not address the issue of security and the due diligence that you should undergo before choosing the platform for you.
There are some organisations that will never be able to move all their IT operations to the cloud. Enterprises that face certain compliance issues such as government agencies and financial institutions may be bound by statutes and regulations to keep some electronic records in a physical location that conforms to client-server models.
For the majority of us who have the freedom to move to the cloud, it presents a set of different security concerns for businesses of any size. Data protection and privacy are usually the foremost concerns, followed by identity management, application security, physical security, and legal issues such as e-discovery and compliance.
Public Cloud Security
In the 21st century, small business owners have flocked to public cloud providers that offer enterprise software applications and storage solutions at low prices. However, the combination of cheap costs and large resources comes with a risk.
Most public cloud computing deployment models run on shared infrastructures, something that presents a potential for side-channel attacks, a method of computer intrusion that involves finding out the exact physical location of the server machines that support a public cloud service, gaining entry to the server, and either planting malicious code or conducting attacks from virtual machines residing in the public cloud server.
At a minimum, public cloud deployment models should provide users with Secure Socket Layer (SSL) connections with AES-256 encryption. Public cloud models do not usually allow the implementation of unique security policies usually required by large enterprises.
Dedicated Cloud Security
Some cloud providers use the terms dedicated and private interchangeably to refer to solutions focused on maintaining physical servers for clients. These server setups allow business organisations to use the internet to access data and applications stored in their own cloud. Clients retain full control of the operating systems and software on the dedicated cloud, and thus are able to implement their own security policies.
A managed firewall is one of the most important security offerings in a dedicated cloud setup and one of those offered by UKFast in the MyCloudStack solution. Managed firewalls serve to filter out unauthorized and malicious incoming traffic and to efficiently allow legitimate traffic.
For large enterprises that handle significant amounts of data and resources, isolating networks is also a good security practice. To this extent, virtual switches help internal cloud administrators to isolate networks and assign authorized administrators to separate functional areas.
Hybrid Cloud Security
When public and private cloud solutions are combined for the sake of data and software collaboration they result in hybrid cloud solutions. An example of a hybrid cloud would be a bank that decides to keep its accountholder data in a secure client-server physical location, while moving its customer services operations to an external dedicated cloud. As the bank’s customer service agents regularly need to access and update accountholder information, the cloud and client-server models need to be integrated in a hybrid cloud.
Advanced hardware-based solutions for hybrid clouds provide smart partitions that allow executions of processes separately. These solutions create networks with security measures such as identity protection and authentication, protection against malware, encrypted communications, and intrusion prevention that are built right into the hardware components of the hybrid clouds.
Whichever form of cloud you decide to choose, you must make sure that you are aware of the risks and able to mitigate them. If you’re anything like me, your data needs to be kept private and secure. This is much easier if you go ‘private’ because the cheaper you go with cloud — the more public it is.
For more information contact email@example.com
or visit www.ukfast.co.uk/get-ahead-in-the-cloud-part1-cs.html
Join us on