By Ariel Dan | January 23, 2015 11:00 AM EST

Cloud security is a top concern for chief security officers. In almost any enterprise, cloud migration is a given, and recent attacks have proven, yet again, that data security is a critical component of any cloud migration strategy.
Below are four tips, specific to Infrastructure as a Service (IaaS) cloud security.
- Migrate your data - own your security
When moving to the cloud, companies have a natural tendency to look for security solutions from their cloud provider of choice. IaaS providers are very good at managing storage, computation resources, and virtual machines, but in most cases they can't provide data security solutions that are as secure as if you were to manage them yourself.
Keep in mind the shared responsibility model when planning a secure cloud migration, and verify carefully which tools are provided by your cloud provider, and which tools should be integrated by you.
In most IaaS clouds, your responsibility starts at your host VM level and goes all the way up to the application security level. Ensure you are in control of your security tools.
Let's take cloud encryption as an example: make sure your encryption keys are owned by your organization, not by the cloud provider. This is the only way you can prove your data is in compliance and safe from prying eyes.
- Adopt cloud-friendly security tools - Get some CTO love
Cloud security means many things to many people. The CTO in your organization is most likely heavily focused on making infrastructure cloud deployments as automated and seamless as possible.
Traditional security tools, like those you're used to in your on-premises data center, might prove very complicated to integrate and use in the cloud, and may thus eliminate many of the cloud automation advantages.
When possible, try to use tools specifically tailored to the cloud. Dome9 does a wonderful job providing an IaaS firewall, Incapsula provides a Web Application Firewall solution for such clouds, and Porticor provides an innovative key management and encryption solution for multiple IaaS clouds.
Leveraging such tools will ensure you get the most secure deployment while your IaaS cloud continues to use automation and orchestration tools.
- 2015 is the year of "encrypt everything"
From the attacks on Target and eBay to the most recent breach of Sony Pictures, attackers are targeting your organizational data. We have said it before: encrypting your data should be a high priority for any organization.
Encryption is an obvious requirement if you deal with financial, medical and other regulated data. But almost any company today stores private information relating to its employees, and such information should be encrypted at all times, most certainly in infrastructure clouds.
The importance of encryption is not in its ability to identify or prevent an attack; there are other tools for that. The assumption is that some attacks will eventually succeed. Encryption renders stolen data unusable, and therefore we believe more and more companies will adopt an "encrypt everything" approach as part of their cloud strategy.
- Make sure your plan sticks for multiple clouds
Last, validate your plan against multiple clouds. "Sandbox" a few private and public clouds and ask yourself if your strategy sticks. Can you use your firewall across all cloud deployments? Will you be able to leverage your current key management solution effectively in the cloud?
In many cases you'll realize that your current tools are not sufficient for a public or hybrid cloud deployment. This is a great exercise to run early in the decision-making process, as budgeting for a new "security wardrobe" might be needed.
Copyright © 2015 Ulitzer, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.
Ariel Dan is co-founder and Executive Vice President at Porticor cloud security. Follow him on twitter: @ariel_dan