الثلاثاء، 7 أغسطس 2012

Toughening the Cloud


Cloud security has been a main concern for many people deciding whether to switch to cloud or not. We are going to show you some of the ways in which to improve cloud security.

Cryptography and network protection

When talking about cloud security, two things come to mind. The first is cryptography. You think about your data being stored somewhere out of your control, and to be comfortable doing this you need at least some assurance no one will be able to access it. The best way to ensure this is by having it encrypted. The second is network protection. When you’re connected in a public cloud, you need to be sure that no one is accessing your servers.

Unfortunately, these points are very hard to solve, so the majority of cloud vendors do not offer data encryption on their servers. This means that all responsibility for cloud data protection is of the user. Fortunately, several cloud-ready data encryption tools have been released to help.

Vendors are now coming out with solutions like Trend Micro, Porticor and Ciphercloud. All these tools encrypt the data, making all applications go through them in order to access anything. Even if data is stolen from the cloud, it will be extremely hard to access it after.

As for networking, an interesting tool is CloudPassage’s Halo. It uses one small software component that goes on the cloud servers which automatically adds networking security rules. It then monitors server activities to check for unauthorized access. The tool also has a back-end service which stores data centrally, meaning that every new server that comes up will all have the rules already configured.

Responsibility is very important when it comes to security: we need to lower the risk of not being responsible for the computing world, particularly in public cloud situations. This is where insurance comes in. A number of companies have started up such as CloudInsure, who offer insurance for incidents that are cloud related. These are going to be complex and costly insurance policies, but are an important asset for organisations associated with the cloud.

By using these different solutions and services, it is now possible for public cloud to be more secure. Although a cloud environment is not as secure as an internal data center, if the tools mentioned above are used cloud security is good enough.

ليست هناك تعليقات:

إرسال تعليق