I recently got an opportunity to attend a TiE event “TiE Cloud: Breakthroughs in Cloud Security” in Silicon Valley on 2nd Feb. This conference was hosted by Mr. Allwyn Sequeira, CTO & VP, Cloud Networking & Security, VMware and Mr. Pradip Shankar, Vice-President, Ericsson.
In many of the presentations and discussion forums in this event, looking at the questions and interest from the attendees, many of them emphasized on how to best set-up their cloud infrastructure securely. Cloud security continues to be a major concern for enterprises, in fact many of the CIOs expressed that they have no immediate plans to migrate to private cloud concerned by its complexity, security issues and fear of losing control over their data and privacy.
In one of the interesting presentation by Mr. Tim Mather who is an advisory director at KPMG, he focused on ‘The existing top security technologies that are broken by the cloud’:
- Cryptographic Key Management
- Data Leakage Prevention (DLP)
- Data Sanitization
- Federated Identity Management (FIM)
- Security Incident & event Management (SIEM)
According to him the Virtual Private SaaS companies such as CypherCloud, Navajo Systems (recently acquired by Salesforce.com) and Big Data platforms such as Red Lambda and Splunk will do fair in the cloud security race and ‘SIEM’ may have to consider its multiple vendor policy in the long term.
Currently, the need for increased cloud security is a huge challenge and slowing down the enterprise adoption of the private cloud, also the mobile virtualization has increased the attacks on cloud servers. Public clouds like Amazon services are a prime target of hackers and proved to be easy to hack as evidenced with the recent issue with Sony Corporation.
Nowadays, many of the telecommunication companies are turning out to be the cloud service providers (CSPs), The Cloud Security Alliance (CSA) in the standard body with 29,000 members and 120 corporate members working hard on securing the cloud services. As mentioned in one of the blog post (Is your application a candidate for cloud migration?) by one of my colleague, the multiple efforts by the cloud infrastructure providers are putting as well as the advance security techniques are now available at application level itself, it is reducing the threat level significantly. Let’s hope the future of the cloud will be more secure and many enterprises will follow the best practices and will adopt the secure cloud.