Cloud Security: You Can Never Stand Still

by Dana Gardner [Published on 29 Jan. 2015 / Last Updated on 29 Jan. 2015]

Cloud security is not a new topic - but it’s one that remains both under the microscope and in the headlines. There’s good reason for that, given the proven risks of cyber attacks in and from the cloud.

Now, a new report from Skyhigh Networks is offering a sobering look at rising security risks, including massive malware exposure and government spying. According to the Skyhigh Cloud Adoption and Risk Report, there’s been a 33% increase in the number of cloud services in use and a 21% increase in cloud service usage overall.

At the same time, the percentage of cloud services that are “enterprise ready” has dipped from 11%, which wasn’t strong to begin with, to a mere 7%. The bottom line, says the report, is “a majority of new cloud services used by employees are exposing organizations to risk.”

It means users themselves must remain vigilant and never let their guard down, even as they may assume they are outsourcing security along with IT services to the cloud providers.

Against this backdrop, we’re seeing companies like HP work to ease enterprise IT cloud fears and risks with such new solutions as Helion, a new indemnified cloud infrastructure distribution built on OpenStack. HP is betting that many enterprises will want to retain control and assurance of security (among other key performance indicators) by first adopting private cloud, and then moving to hybrid cloud services as they gain trust and verification before jumping too deeply into the public clouds.

To help prove its point, HP is investing at least $1 billion in its new portfolio of cloud services. And cloud security startups are raising millions in cash even while the fallout from Heartbleed continues with news that nearly 400 enterprise cloud apps are vulnerable to the malware.

The high cost of unwanted intrusion and malware across corporate networks is well known. Less talked-about are the successful ways that organizations are thwarting ongoing, adaptive and often-insider-driven security breaches. These would also hold true for private cloud deployments. Intrusion technologies are one way to tackle the problem, regardless of the types of infrastructure and networks.

“TippingPoint technology, for example, is an appliance-based technology. It’s an inline device. We deploy it inline and on-premises,” says Jim O'Shea, Network Security Architect for HP Cyber Security Strategy and Infrastructure Engagement. “It sits in the network, and the traffic is flowing through it. It’s looking for characteristics or reputation on the type of traffic, and reputation is a more real-time change in the system. This network, IP address, or URL is known for malware, etc. That’s a dynamic update, but the static updates are signature-type, and the detection of vulnerability or a specific exploit aimed at an operating system.”

That’s one tactic, one that combines the best of cloud to access updates while being deployed locally. Here’s another: businesses need to gain a better sense of state and risk over their operations. That was the gist of a recent panel discussion from The Open Group. To gain a fuller grip on such risk and complexity, The Open Group is shepherding a series of standards and initiatives, including the Trusted Technology Forum, to provide better tools for understanding and managing true operational dependability.

“In an organization, risk is a board-level issue, security has become a board-level issue, and so has organization design and architecture,” says Allen Brown, President and CEO of The Open Group. “They're all up at that level. It's a matter of the fiscal responsibility of the board to make sure that the organization is sustainable, and to make sure that they've taken the right actions to protect their organization in the future, in the event of an attack or a failure in their activities.”

So where do we go from here? Paul Muller, Chief Software Evangelist at HP, says the burgeoning strengths of big data analysis can be used to improve security and provide insights into what's going on within systems and across the cloud divide.

“I increasingly find that one of the greatest sources of potential intelligence about an imminent threat is through the operational data, or operational logs. By sharing that situational awareness between the operations team and the security organizations, you can not only get better hygiene, but an improved security outcome through a heightened sense of what's actually going on, within the infrastructure” regardless of where it resides, said Muller.

HP’s Brett Wahlin sees a need to overcome the lack of security resources. “If we look back on how we used to do security, trying to determine where our enemies were coming from, what their capacities were, what their targets were, and how we're gathering intelligence to be able to determine how best to protect the company, our resources were quite limited,” says Brett Wahlin, Global Vice President and Chief Information Security Officer at HP. “We've found that through the use of big data, we're now able to start gathering reams of information that were never available to us in the past. We tend to look at this almost in a modern-warfare type of perspective,” says Wahlin.

The Author — Dana Gardner

Dana Gardner (http://www.linkedin.com/in/danagardner), Principal Analyst at Interarbor Solutions (http://www.interarbor-solutions.com) and host of the BriefingsDirect blog (http://briefingsdirectblog.blogspot.com) and podcast (http://www.briefingsdirect.com), has been an IT industry analyst for 15 years. He can be followed on Twitter at http://twitter.com/Dana_Gardner.
