Cloud Security continues to dominiate the cloud conversation. I asked Nik Weidenbacher, director of product engineering for cloud computing to give us his thoughts on cloud improving security. Nik and his team are responsible for designing, building and testing the infrastructure for SunGard’s Cloud Computing Service…CM
Can Cloud Computing Improve Your Security?
Obviously, the answer is “it depends.” How good is your security now? A number of factors play into that question.
Security in a Data Center
If your technology runs in a traditional data center and you move to a cloud where the same technology is used, security is quite similar. Essentially, you’ve been using virtual local area networks (VLANs) to separate your departments, and now your cloud provider use that same technology to separate your departments and to separate other tenants from you.
Security in a cloud
If your company doesn’t use a technology like VMware to run multiple operating systems within VLANs, than the security landscape changes significantly. A physical switch connecting the network to one machine in your data center is now replaced by software switches connected to multiple machines and managed by a “hypervisor.”
Just as you secured that physical switch in your data center, the cloud technician must secure the software switches and the hypervisor to control who can/cannot access it, and they also need to adding invasion protection software to thwart unauthorized outside access.
Then they have to consider security maintenance. Are patches being received, evaluated and placed operation on a timely basis? Clouds have lots of moving parts and, since it is the weakest link that is most vulnerable, you have to think about security everywhere all the time.
Security gains
Ultimately, the most important security question is “who’s running your cloud.” Many companies can’t afford all the software and technical skill it takes to manage a highly-secured data center, so they aren’t doing it. A cloud provider can share that cost among many companies to not only provide a more secure environment but also to pay constant attention to it. Similarly, where PCI-DSS certification for credit card transaction may be an on-going project in a company, the cloud provider may already have that security in place.
What additional security measures could your organization gain with the right cloud provider?