What is cloud computing? Cloud computing is a method of delivering hosted services -- Infrastructure as a Service
(IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS) – over the Internet in a fast, cost-effective way. The technology has gained popularity in a weakened economy as enterprises seek ways to save money, but as always, this emerging technology presents certain risks, and it could open an organization to security vulnerabilities and threats.
In order to keep your enterprise secure, it is important to understand exactly how the cloud computing infrastructure works. In this cloud computing security model overview, we offer an introduction into the technology and examine how it operates. We will also highlight the importance of securing devices connecting to the cloud, as well as provide information on how to mitigate a variety of issues associated with cloud computing.
Introduction to cloud computing security: Infrastructures issues
Creating a cloud computing infrastructure will move sensitive data out of the enterprise environment and in to the cloud, meaning professionals need to enhance security and update their architectures to address potential risk management and application delivery issues.
Although cloud computing services can be ideal for corporations in cutting capital hardware, data center management and threat management costs, the technology can also present several security issues if IT professionals don't have an accurate understanding of how the cloud computing infrastructure works, the benefits associated with the technology, the potential security issues organizations could face related to the cloud and how to avoid them. Read "Introduction to cloud computing security: Infrastructure issues"
Securing devices that connect to the cloud
Once an organization has a clear understanding of how the cloud computing infrastructure works, the next step is to delve deeper into the specifics of the technology. It is important to ensure devices connected to the cloud are secure, and with advancing technologies and means of obtaining Internet access, via smartphone or mobile devices for example, securing devices and thwarting hacker attacks is becoming more complicated and extensive.
In order to avoid attack, corporations should be enforcing acceptable usage and NAC policies, as well as configuration and patching guidelines, but how can an enterprise ensure appropriate security controls are in place through the cloud? The use of virtual private network (VPN) access to the cloud can help secure networks, but organizations must learn how to choose a VPN for the cloud and how to securely implement it, as well as any other mobile devices that connect to the cloud.
Cloud computing security threats and attacks
In order to steer clear of cloud computing infrastructure threats and vulnerabilities and ensure stable connectivity, it is imperative to properly secure both domain name servers (DNS) and routing paths.
Implementing DNS security, such as DNSSEC, is a good choice for most cloud computing security environment domains and endpoints. Also, developing denial-of-service (DoS) prevention techniques and router security tactics within an organization will help thwart successful attacks and enhance the security level in the cloud. If servers or routes are left unsecure, the infrastructure is susceptible to an array of vulnerabilities and threats, such as DoS and evil twin attacks.
About the authors:
Diana Kelley is a partner with Amherst, N.H.-based consulting firm SecurityCurve. She formerly served as vice president and service director with research firm Burton Group. She has extensive experience creating secure network architectures and business solutions for large corporations and delivering strategic, competitive knowledge to security software vendors.
Char Sample is a research scientist at BBN Technologies specializing in network security and integration issues.