Tip

Cloud computing security model overview: Network infrastructure issues

Char Sample, Senior Scientist, BBN Technologies and Diana Kelley, Partner, SecurityCurve

What is cloud computing?
Cloud computing is a method of delivering hosted services -- Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS) – over the Internet

    Requires Free Membership to View

in a fast, cost-effective way. The technology has gained popularity in a weakened economy as enterprises seek ways to save money, but as always, this emerging technology presents certain risks, and it could open an organization to security vulnerabilities and threats.

In order to keep your enterprise secure, it is important to understand exactly how the cloud computing infrastructure works. In this cloud computing security model overview, we offer an introduction into the technology and examine how it operates. We will also highlight the importance of securing devices connecting to the cloud, as well as provide information on how to mitigate a variety of issues associated with cloud computing.


CLOUD COMPUTING SECURITY MODEL OVERVIEW
  Introduction to cloud computing security
  Secure devices that connect to the cloud
  Cloud computing security threats
 

Introduction to cloud computing security: Infrastructures issues
Creating a cloud computing infrastructure will move sensitive data out of the enterprise environment and in to the cloud, meaning professionals need to enhance security and update their architectures to address potential risk management and application delivery issues.

Although cloud computing services can be ideal for corporations in cutting capital hardware, data center management and threat management costs, the technology can also present several security issues if IT professionals don't have an accurate understanding of how the cloud computing infrastructure works, the benefits associated with the technology, the potential security issues organizations could face related to the cloud and how to avoid them. Read "Introduction to cloud computing security: Infrastructure issues"

Securing devices that connect to the cloud
Once an organization has a clear understanding of how the cloud computing infrastructure works, the next step is to delve deeper into the specifics of the technology. It is important to ensure devices connected to the cloud are secure, and with advancing technologies and means of obtaining Internet access, via smartphone or mobile devices for example, securing devices and thwarting hacker attacks is becoming more complicated and extensive.

In order to avoid attack, corporations should be enforcing acceptable usage and NAC policies, as well as configuration and patching guidelines, but how can an enterprise ensure appropriate security controls are in place through the cloud? The use of virtual private network (VPN) access to the cloud can help secure networks, but organizations must learn how to choose a VPN for the cloud and how to securely implement it, as well as any other mobile devices that connect to the cloud.

Cloud computing security threats and attacks
In order to steer clear of cloud computing infrastructure threats and vulnerabilities and ensure stable connectivity, it is imperative to properly secure both domain name servers (DNS) and routing paths.

Implementing DNS security, such as DNSSEC, is a good choice for most cloud computing security environment domains and endpoints. Also, developing denial-of-service (DoS) prevention techniques and router security tactics within an organization will help thwart successful attacks and enhance the security level in the cloud. If servers or routes are left unsecure, the infrastructure is susceptible to an array of vulnerabilities and threats, such as DoS and evil twin attacks.

About the authors:
Diana Kelley is a partner with Amherst, N.H.-based consulting firm SecurityCurve. She formerly served as vice president and service director with research firm Burton Group. She has extensive experience creating secure network architectures and business solutions for large corporations and delivering strategic, competitive knowledge to security software vendors.

Char Sample is a research scientist at BBN Technologies specializing in network security and integration issues.
 

This was first published in June 2009

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.