Safety in the clouds

April 7, 2014

cloudBusinesses are adopting cloud services at a rapid pace as they realize the benefits of scalability, flexibility, agility and better workload distribution – all implemented at lower cost. Conventional wisdom, however, insists that the public cloud should only be trusted for less critical data and applications, while more sensitive or private data should only be processed in the enterprise’s private cloud – but is it logical?

Safety above the clouds
How many times must we be told that flying is safer than going by car, before everyone can relax and enjoy the flight? There is no simple answer, because the fear of flight has a strong emotional and instinctive basis, and such gut feelings take a long time to respond to logical arguments.In fact the biggest risk in travelling by air happens not in the plane but during the journeys to and from the airport

That’s just how it is with cloud computing. Our guts tell us that it is safer to keep critical processes in our own datacentre where we know where it is and who can access it. Again, the biggest risk is not in the cloud but in the journey to the cloud.

What is needed is a clearer understanding of theactual, rather than gut risks of cloud computing.CEF (CloudEthernet Forum) is addressing this need by analysing the security challengesunder four categories of use cases:

• Security within the cloud
You don’t send data to the cloud to have it treated badly or lost. Cloud services must be implemented in a high quality and well-maintained infrastructure.

• Cloud networking
However safe and efficient the operation inside the cloud, it comes to nothing if the data transfer between cloud or between the user and the cloud becomes as unpredictable as taking a car to the airport during rush hour.

• Privacy concerns
Cloud data auditing needs to be efficient as well as easy to implement, and it must at the same time retain the privacy of the data being audited.

• Security from the cloud
Cloud Managed Security replaces traditional, complex, and often inefficient distributed security methods with centralized, uniformed and flexible cloud computing enabled security.

Network Function Virtualization for Security (NFV-S)is a third approach, and a fundamental new paradigm that capitalizes on the latest network virtualization and SDN technology.

Leave a Reply