Information Technology
Building the Infrastructure for Cloud Security
Security is an ever-present consideration for applications and data in the cloud. It is a concern for executives trying to come up with criteria for migrating an application, for marketing organizations in trying to position the company in a good light as enlightened technology adopters, for application architects attempting to build a safe foundation and operations staff making sure bad guys don’t have a field day. It does not matter whether an application is a candidate for migration to the cloud or it already runs using cloud-based components. It does not even matter that an application has managed to run for years in the cloud without a major breach: an unblemished record does not entitle an organization to claim to be home free in matters of security; its executives are acutely aware that resting on their laurels regardless of an unblemished record is an invitation to disaster; and certainly past performance is no predictor for future gains. Irrespective of whom you ask, security is arguably the biggest inhibitor for the broader adoption of cloud computing. Many organizations will need to apply best practices security standards that set a much higher bar than that for on-premise systems, in order to dislodge that incumbent on-premise alternative. The migration or adoption of cloud services then can provide an advantage, in that firms can design, from the ground up, their new cloud-based infrastructures with security “baked-in;” this is in contrast to the piecemeal and “after the fact” or “bolted-on” nature of security seen in most data centers today. But even a baked-in approach has its nuances, as we shall see in Chapter 1. Cloud service providers are hard at work building a secure infrastructure as the foundation for enabling multi-tenancy and providing the instrumentation, visibility, and control that organizations demand. They are beginning to treat security as an integration concern to be addressed as a service like performance, power consumption, and uptime. This provides a flexibility and granularity wherein solution architects design in as much security as their particular situation demands: security for a financial services industry (FSI) or an enterprise resource planning (ERP) application will be different from security for a bunch of product brochures, yet they both may use storage services from the same provider, which demands a high level of integrity, confidentiality, and protection.
No copy data
No other version available