Cloud Security – A Major Concern for Enterprises

Cloud Security

I recently got an opportunity to attend a TiE event “TiE Cloud: Breakthroughs in Cloud Security” in Silicon Valley on 2nd Feb. This conference was hosted by Mr. Allwyn Sequeira, CTO & VP, Cloud Networking & Security, VMware and Mr. Pradip Shankar, Vice-President, Ericsson.

In many of the presentations and discussion forums in this event, looking at the questions and interest from the attendees, many of them emphasized on how to best set-up their cloud infrastructure securely. Cloud security continues to be a major concern for enterprises, in fact many of the CIOs expressed that they have no immediate plans to migrate to private cloud concerned by its complexity, security issues and fear of losing control over their data and privacy.

In one of the interesting presentation by Mr. Tim Mather who is an advisory director at KPMG, he focused on ‘The existing top security technologies that are broken by the cloud’:

  • Cryptographic Key Management
  • Data Leakage Prevention (DLP)
  • Data Sanitization
  • Federated Identity Management (FIM)
  • Security Incident & event Management (SIEM)

According to him the Virtual Private SaaS companies such as CypherCloud, Navajo Systems (recently acquired by Salesforce.com) and Big Data platforms such as Red Lambda and Splunk will do fair in the cloud security race and ‘SIEM’ may have to consider its multiple vendor policy in the long term.

Currently, the need for increased cloud security is a huge challenge and slowing down the enterprise adoption of the private cloud, also the mobile virtualization has increased the attacks on cloud servers. Public clouds like Amazon services are a prime target of hackers and proved to be easy to hack as evidenced with the recent issue with Sony Corporation.

Nowadays, many of the telecommunication companies are turning out to be the cloud service providers (CSPs), The Cloud Security Alliance (CSA) in the standard body with 29,000 members and 120 corporate members working hard on securing the cloud services. As mentioned in one of the blog post (Is your application a candidate for cloud migration?) by one of my colleague, the multiple efforts by the cloud infrastructure providers are putting as well as the advance security techniques are now available at application level itself, it is reducing the threat level significantly. Let’s hope the future of the cloud will be more secure and many enterprises will follow the best practices and will adopt the secure cloud.

One Reply to “Cloud Security – A Major Concern for Enterprises”

  1. There is no denying that data-security in the Cloud should be a major concern for companies. However, solutions can be very non-intuitive.

    Here is an architecture for secure cloud computing that does NOT require encryption, cryptographic key-management or even user credentials in the Cloud, but secures your data better in the Cloud than you probably are securing it today.. It has already proven itself in multiple Private Cloud deployments and is continuing to gain momentum around the world:

    IBM: http://ibm.co/rc3dw
    InfoQ: http://bit.ly/rc3infoq
    ISSA Journal: http://bit.ly/rc3issa
    OWASP: https://www.owasp.org/index.php/AppSecAsiaPac2012#Conference_Schedule
    Cornerstones of Trust:: http://cornerstonesoftrust.com/speakers
    Intl Conference on Advances in Cloud Computing 2012: http://www.acc-2012.org/

Leave a Reply

Your email address will not be published. Required fields are marked *