Advertisment

Security over open cloud

author-image
DQI Bureau
New Update

Security has been the point of debate whenever cloud conversations happen. Much has been talked about but still less has been understood.

Advertisment

Security becomes More Consumable

If you pay attention to any IT industry analyst reports, you may come to know about ‘the cloud' security concerns which are consistently topping the list. This is partly because the ‘security' moniker often serves as a sort of shorthand for a variety of compliance, audit, regulatory, legal, and governance issues that are often only indirectly related.

But Data Security...

Advertisment

This remains a vexing issue, increasingly leading to high profile issues. At one level, protecting against data breaches in the data center is a fairly straightforward security problem, however in many respects we are in a place that's different in kind from times past.

Some of these differences are about connectedness and scale. While security models have been shifting from walled perimeters to defense-in-depth since the early days of the web and e-commerce, cloud based applications made up of composable services from multiple sources vastly increase potential attack surfaces. It's a vastly more complicated security problem than setting the ports correctly on a firewall.

BYOD Doubters Reach the 5th Step: Acceptance

Advertisment

BYOD is one of the trends that some like to cite as a key cloud security issue given that it takes control away from IT and puts it in the hands of users. Look around any organization that's not part of the government or in a highly regulated industry and, chances are, most of the smartphones you see aren't company-issued and provisioned. And the tablets that you probably spy as well are far more commonly purchased by employees for some combination of personal and work use-to the degree that we can even still draw a sharp line between such spheres of activity.

In most cases, BYOD is going to require IT departments to do some combination of rolling out new products, educating users, and adopting new processes. At the very least, they need to understand potential exposures and come up with a plan dealing with them.

Hybrid Shows up in Ever More Conversations

Advertisment

Hybrid commonly refers to cloud management that spans both on-premise and multi-tenant public clouds-although clouds can be heterogeneous in other ways as well.

The consumerization angle is that early public cloud usage was often characterized by users gaining access to computing resources with a credit card because their IT department wasn't moving quickly enough. Such usage can also be outside the scope of any IT governance practices. That can be good for flexibility and speed but it can have a stark downside if there's a data breach or if an application developed using a public cloud can't be easily put into production on-premise.

Advertisment