Trend Cloud Security Blog – Cloud Computing Experts
Think Again When It Comes to Cloud Security
Posted by Steve Quane in Secure Data Centers, Securing the Cloud, Virtualization Mar 2nd, 2010 | no responsesAs we started building out the Trend Micro Smart Protection Network four or five years ago, we realized that the shift to the cloud was going to be a major platform shift for the datacenter. We wondered if other datacenter operators were encountering the same types of issues that we were encountering. So we went out to various enterprises and asked them about the security issues around private and public clouds.
The datacenter operators told us they had no security issues and were completely secure. However, the CSOs told a different story. They said they didn’t know whether there were security problems in their datacenters. After further investigation, we found that indeed there are a lot of security issues in the data center. As we dug deeper, we kept hearing about the operational issues related to the platform shift to virtualization and the cloud, but we didn’t hear much about malware concerns. Traditional server security is perimeter-based. We hear a lot about the potential for rogue VM attacks, and while we haven’t seen such an attack, it’s completely possible that they could occur.
The companies to whom we talked had a range of security solutions deployed, from traditional AV deployed on every VM (which hammered performance) to absolutely no security deployed on thousands of VMs. There are two problems facing the datacenter today with regard to security:
- Problem #1: The existing network-based security model can’t keep up with the pace at which virtualized servers are being brought online and clearly won’t work for companies wanting to use a public cloud.
- Problem #2: Data protection is the most strategic concern, but how do you protect data that is mobile and distributed?
The second problem is extremely relevant to the public cloud. Even if a vendor can guarantee that only the vendor will touch a customer’s data, the customer doesn’t know who at the vendor will be touching that data. There’s no guarantee that customer data is safe from compromise or copying.
What’s required for cloud security is a shift in thinking. Instead of preventing the data from moving – which is completely unrealistic in today’s dynamic world– we have to have protection surround and move with the data. At Trend we see two solutions:
- A host security model where the host protects itself. (Trend Micro Deep Security)
- An encryption model enabling enterprises to maintain better control of their data in private and public clouds. It won’t matter whether the environment where the data sits is untrusted because the data will be secured. If a customer wants to move the data to another cloud vendor, they can do it while having the security surround their data and not rely on an individual cloud provider. This encryption model can help further the move to the public cloud. (New Trend solution coming soon)
Stumble It!Subscribe
Trend Cloud Security Blog – Cloud Computing Experts
- Do You Encrypt Your Data? A Plea to Businesses from an Identity Theft Victim February 2, 2012
- How Big Data Got Here, and What’s Still Missing February 1, 2012
- A shiny new website, made just for you … January 21, 2012
- Savings with Cloud Security — A Look at the Numbers January 19, 2012
- Government Data Seizures is Only One Type of Data Loss January 18, 2012
- Patriot Act is not the first (nor likely) last law of its kind January 16, 2012
- The USA PATRIOT Act is Bad for Business January 12, 2012
- Why the Cloud Kills Hardware January 10, 2012
- The Cloud Ate My Homework January 6, 2012
- The Link Between Browser Share, Cloud Computing, and Security January 4, 2012