Staying Safe when you Open the Door to the Cloud

Staying Safe when you Open the Door to the Cloud

Summary: Every day, it seems, I open the paper and there’s a big splash about a security breach. If you’ve ever bought anything online, played a games console, or used an online bank, your data is under attack.

SHARE:
TOPICS: Cloud
2

Every day, it seems, I open the paper and there’s a big splash about a security breach. If you’ve ever bought anything online, played a games console, or used an online bank, your data is under attack. Several big companies (whose names you already know) have lost sensitive customer data, and damaged their reputations as a result. Recently, a hacking group published a phone number to take requests for companies they should target next. Every business has to be vigilant, and security must be a top priority for customer data.

So it’s no wonder that popular wisdom tells us that companies often shy away from cloud computing because they’re worried about security. What’s telling here, however, is not that people say the cloud is less secure so much as that they’re worried it might be. After all, if all your data is in a big building you own, and you’re holding the keys, it feels secure. With cloud computing, you might not know where your data is held, or who else is hosting applications on the same hardware, so it might feel less secure. That can be an illusion, though. If I had a million pounds, I’d rather it was kept in a bank than in a locked box in my bedroom, and cloud service providers can only survive by demonstrably offering the highest standards of security.

But I would urge anyone with an eye on the cloud to remember that there’s a lot of work taking place now to strengthen the security of cloud computing architectures. I recently attended the Day in the Cloud event in Belgium, where I saw a demonstration of trusted compute pools run by VMware and HyTrust, and enabled by Intel Trusted Execution Technology (TXT). A trusted compute pool enables organisations to have confidence that their software stack is running securely by creating a set of servers which is capable of carrying out a trusted boot process at the hardware layer. This kind of technology makes it possible to use the cloud while keeping confidence that you have absolute control over your IT resources. There will be more solutions to come, too.

One way you can increase the security of your cloud deployment is to use proven best practices, and these are now being documented and published. Intel Cloud Builders has published a free reference architecture to enhance cloud security, based on real IT experiences. It shows you how to create a secure cloud infrastructure with VMware vSphere, Intel Xeon processor-based platforms and a HyTrust Appliance, and the guidelines are available to freely download and use.

As the prominent coverage of data breaches in the press, blogs and forums shows, people care about security. A lot. They trust companies with their data, and expect them to look after it. But security concerns need not stop you adopting the cloud, though: the tools and guidelines are there for a secure deployment.

What are your thoughts? Is security really holding you back from investing in the cloud? Has it been challenging to achieve high security standards in your existing cloud deployment? I’d love to read your comments below.

Topic: Cloud

Alan Priestley

About Alan Priestley

I'm a multi-year Intel veteran, and currently hold the role of Strategic Marketing Director within EMEA.

My time with Intel began with a role supporting all the PC design accounts in the UK - back in the days when the i286 was the latest and greatest processor on the Intel roadmap. Since then, I've moved through various technical and product marketing roles, including being responsible for launching the Xeon processor product line in EMEA and managing the Itanium program office.

At present, I'm responsible for Intel's high-end server business and Cloud Marketing strategy in EMEA. This puts me at the hub of major developments in both server technology, and the cloud ecosystem it's powering. I'm now very involved with the Intel Cloud Builders programme.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

2 comments
Log in or register to join the discussion
  • Hi Alan, I think security concerns are a big issue for the emergence of the cloud. Especially in a place like Africa where there is a still of uncertainty about internet security for example. I have a blog post about the future of cloud computing in Africa here: http://ifeadebayo.blogspot.com/2011/07/cloud-revolution-opportunity-for-africa.html. I believe the cloud is the future though and as frameworks are developed and regulations put in place many more companies will have more faith in the process.
    anonymous
  • Cloud provides lots of interesting opportunities for business that are not cash rich, especially in developing markets, giving access to sophisticated compute infrastructure and applications on a pay-as-you-go basis. The work that’s happening to solve the security concerns of ‘big’ IT benefits smaller organisations using the cloud to accelerate their business growth. I believe small companies need to take the same approach to cloud as larger companies – evaluate what workloads and applications are best served by using cloud services and to understand the nature of the service you plan to utilise – there’s no such thing as a ‘free lunch’. You may be better off paying for a service and having an agreed SLA than using a free service and hoping they meet your business needs.
    alan.priestley@...