Product Group Tests
Emerging products: Cloud securityJune 02, 2014
We have entered the age of “The Cloud.” In many regards the cloud is just old wine in new bottles. More and more we hear seasoned professionals accept this notion because, really, the cloud is just another form of time sharing that has been with us for decades. But there are a couple of wrinkles that are starting to turn the cloud into a useful paradigm.
We have entered the age of "The Cloud." In many regards the cloud is just old wine in new bottles. More and more we hear seasoned professionals accept this notion because, really, the cloud is just another form of time sharing that has been with us for decades. But there are a couple of wrinkles that are starting to turn the cloud into a useful paradigm.
We took a look this month at some technologies that actually make the cloud a unique and perhaps critical solution to the huge problem of malware, APTs and the ever-increasing attacks against the enterprise and, more important the users and data on it. In fact, these products - services, really - are perhaps the best, if not the only, solutions to the types of problems that did not exist in the old days of time sharing.
Today we are in a world of distributed computing. Any remote computing capability must address that distributed model. We also are deeply embroiled in mobile computing and that includes BYOD. Now the computing model becomes even more complex. So this month we take a brief excursion into the cloud and we examine three cloud security services.
To be fair, though, they are not all pure security services. Two are, rather, cloud services whose main attraction may be the security they provide. One, for example, is better described as a secure data center in the cloud. Another is a secure application delivery system. The third - and this is pure security in the most classic sense - provides encryption for data in and passing through the cloud.
Back to our discussion of The Cloud. Without belaboring the issue too much, cloud computing means that you are relegating your organizational computing to systems completely outside of your control. You no longer control the data center. You no longer control security policy or its application and you no longer control access. You now depend on an organization - over which you have virtually no control - to manage your organizational data, and you transfer your trust from systems and policies you control to someone who has a contract that usually prohibits you from even the most fundamental security functions since the infrastructure is not yours.
Moreover, you do not control the employees, the employment criteria or physical access. In short, you are handing off your data to strangers and hoping that the little piece of paper that constitutes your agreement with them is sufficient to keep you data from damage, loss or worse. Nobody in his or her right mind would do that. Right? Wrong. Cloud computing is the fastest growing segment of computing and it is up to users to beware of the pitfalls.
That fact - and it is fact, not supposition - has generated an emerging product type that lets cloud users take back control. It also could not be done any other way than from the cloud itself. Because the cloud is a virtualized environment it is, by its nature, multi-tenancy. That makes cloud computing a sort of free-for-all that requires user organizations to find some way to achieve the same benefits as they would have with their own data centers.
The three services we look in the following pages are doing exactly that and more. For example, the availability of data centers around the world that are in synchronization makes every remote access behave as if it was local. Performance soars and security is solid. Having such things as malware control in the cloud has two big advantages. First, the aggregation of data from thousands of users allows on-the-fly currency of malware signatures. Second, forcing users to access dangerous places through a protective barrier that is always on and always available reduces damage to organizational data assets to nearly nothing.
And that protection of users in a multi-tenant environment? By protecting the data and the access to the internet on a per-user basis virtual isolation takes over and the results are that performance and security exceed the old data center model.
So, about that new bottle stuff...the bottles are fantastic and the wine is delicious.