Making Clouds Secure - Page 3
Endpoint: difficulties remain� and are getting worse
In the theoretically ideal “Cloud World,” Cloud Computing security takes place on the platform level and through communication with edge devices, since data is not stored on the devices themselves. This model is still too premature to be put into practice, and the data that reaches the platform is de facto created, processed and stored on the endpoint level.
It turns out that there will always be security problems with edge devices in a Cloud environment. In fact there is another much stronger theory that these problems are actually becoming worse. In order to understand why this is happening, let us take a look at some conceptual diagrams of traditional in-house IT models compared to the Cloud Computing environment (Figures 2 and 3).
Figure 3. Security threats in a corporate Cloud environment
In each case, most of the threats are clearly coming from the global network and entering the client's corporate infrastructure. In the in-house system, the main blow is dealt to the platform, in contrast to the Cloud environment, in which the more or less unprotected endpoints suffer. External attackers find it useless to target protected provider Clouds since, as we noted above, the protection level of global Cloud platforms like Google and Microsoft, due to the numerous capabilities, professional expertise and unlimited resources, will be significantly higher than the data protection supplied by any individual corporate IT system. As a result, cyber criminals end up attacking edge devices. The very concept of Cloud Computing, which presumes access to a platform from wherever and whenever it is convenient to do so, also increases the probability of this type of scenario.
On the other hand, having observed an increase in a variety of attacks on endpoint computers, corporate information security services have had to resort to focusing their efforts on protecting edge devices. It is this task in particular that, it would seem, will become a critical problem for corporate information security.
DeviceLock — a developer of software protection systems against data leakages via ports and endpoint computer peripherals — believes this is a crucial trend. Systems like those designed by DeviceLock become especially valuable in the Cloud Computing environment, since they help reduce the risk of corporate data leakages via endpoints, which are the focus of corporate information security service efforts at companies where Cloud services are used.
Instead of a conclusion�
"I think a lot of security objections to the Cloud are emotional in nature, it's reflexive," said Joseph Tobolski, director for Cloud Computing at Accenture. Shumacher Group CEO Doug Menafee is also familiar with the emotional aspects: "My IT department came to me with a list of 100 security requirements and I thought, Wait a minute, we don't even have most of that in our own data center".
Deciding to use Cloud Computing is just like getting behind the wheel of a car for the first time. On the one hand, many of your colleagues may have already made the leap, but on the other hand, getting onto a busy highway for the first time can be scary — especially when you keep seeing stories of horrible accidents on the news. However, it‘s not much more dangerous to drive than it is to drink coffee on a moving train or to wait at a bus stop.
For the most part, the situation with Cloud Computing is the same as with classic software usage models. The Cloud environment requires attention to information security, but we`re totally confident that there would be solutions to the problems that currently exist. There are specific nuances in Cloud security, primarily related to a blend of priorities — from perimeter protection to edge device protection. But if data security developers help companies resolve this problem, the future for “Clouds” will be sunny indeed.