The Sky is No Longer the Limit: Thoughts from the Cloud

Kevin Nikkhoo

Subscribe to Kevin Nikkhoo: eMailAlertsEmail Alerts
Get Kevin Nikkhoo: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Related Topics: Cloud Computing, Virtualization Magazine, Microservices Journal, Cloud Data Analytics

Article

Public Cloud or Private Cloud, That Is the Question – Or Is It?

When addressing security, does the cloud configuration really matter?

You realize the overarching benefits of the cloud, but you are a bit wary regarding the security of any data stored and transacted in these virtualized environments.  But the cost-saving benefits and user preference and resource delegation of the cloud are such that not integrating some processes, applications and data is counterproductive to your overall IT strategy. So you decide that a private cloud is a more secure route that its public counterpart. But are you really any more secure?

The quick answer is no. But not for the reason you might think. A private cloud is infrastructure operated solely for a single organization. The only difference is that your data is segregated from any other organization. And if that brings you any semblance of peace, then it’s a good investment. It all depends on your business need. It offers greater control, but means you shoulder all the overhead, updating, risk management and related costs. And if you factor in the compliance requirements for financial or healthcare related companies, it might be the better option.

But, the thing is, it is still a server. It is still prone to all the issues on-premise and pubic clouds in terms of intrusions, attacks, user carelessness and resource deficiencies. It is as vulnerable (or protected) as the alternative counterparts. The only difference is the means of security you apply towards protecting it. You can build the most sophisticated on premise security solution, but if you leave a window open, data will still leak, unwanted intrusions will still get in and George from sales will still log into your network from his unsecured iPhone.

So let’s be clear. From a platform security perspective, it does not matter whether you choose public, private or hybrid clouds. It matters how you protect it; which can also be effectively  managed from the cloud. And depending on your preference, a cloud-based security management should be able to equally protect and support any cloud or on-premise configuration.

If you assume your SaaS-based CRM, payroll or inventory shipping applications are well protected by the developer, you are equally inviting problems. According to new guidance from the National Institute of Standards and Technology, YOU and not your providers have ultimate responsibility for the security and privacy of data stored on the cloud. The SaaS developer are responsible for their infrastructure, not your data or who you provide access to that data or how you transit the data from endpoint to endpoint…unless the service you invest in is a cloud-based security-as-a-service.

Cloud-based security can be seen as having your cake and eating it too. You benefit from a diverse portfolio to meet your specific business needs and now you have another resource that allows you to gain best-of-breed, enterprise level power, capabilities and control.  You have a way to monitor your public or private clouds (or your complex integrated networks) 24/7/365 or create multifactor authentication barriers to access intellectual property. With the right processes and rules, you can create and seamless layer across multiple servers and infrastructures that connect each independent silo of data that can differentiate roles, traffic patterns, context and data sensitivities.  We are talking a combination of intrusion detection, log management audits, identity and password management and SaaS single sign on and web authentication services.

Before the maturation of cloud-based security, ensuring the security of any cloud-based application could be problematic. There was significant investment and limited budgets for in various software,  time commitments, expertise and the great unknown of how dedicated the application developer was in the security of your data. To secure just this aspect of your business, you were looking at a 2:1 or 3:1 ratio of professional services on top of the licensing and required hardware installs. Now that security-as-a-service is not only an emerging (and tremendously cost-effective alternative) but tested choice, it provides a great latitude in terms of being able to properly keep in lock step with the challenges posed by applications…public, private and legacy.

So when deciding whether public, private or hybrid clouds make more sense for your organization, know that your choice should be dependent on the best option for your specific need. There are plenty of experts willing to weigh in on best practices for each. But when it comes to security, make sure you have the flexibility and scalability to securely manage your quickly disappearing perimeter.

More Stories By Kevin Nikkhoo

With more than 32 years of experience in information technology, and an extensive and successful entrepreneurial background, Kevin Nikkhoo is the CEO of the dynamic security-as-a-service startup Cloud Access. CloudAccess is at the forefront of the latest evolution of IT asset protection--the cloud.

Kevin holds a Bachelor of Science in Computer Engineering from McGill University, Master of Computer Engineering at California State University, Los Angeles, and an MBA from the University of Southern California with emphasis in entrepreneurial studies.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.