The Curse of Cloud Security

Seventh Annual Global Information Security Survey: Companies are clamoring for services in the cloud. But the biggest problem from a security perspective is that few understand what they're dealing with. (Second of a four-part series)

By Bill Brenner

Tue, October 27, 2009CSO Virtualization and cloud computing let you simplify your physical IT infrastructure and cut overhead costs, but you've only just begun to see the security risks involved.

Related podcast: Why Virtualization Security Is Such a Mess

Cloud Security: Danger (and Opportunity) Ahead
Cloud Computing Definitions and Solutions

Putting more of your infrastructure in the cloud has left you vulnerable to hackers who have redoubled efforts to launch denial-of-service attacks against the likes of Google, Yahoo and other Internet-based service providers. A massive Google outage earlier this year illustrates the kind of disruptions cloud-dependent businesses can suffer.

See also: Google FAIL and the Fog Over Cloud Security

That's one of the big takeaways from the seventh-annual Global Information Security survey, which CSO and CIO magazines conducted with PricewaterhouseCoopers earlier this year. Some 7,200 business and technology executives worldwide responded from a variety of industries, including government, health care, financial services and retail.

Jumping in, sans parachuteGiven the expense to maintain a physical IT infrastructure, the thought of replacing server rooms and haphazardly configured appliances with cloud services is simply too hard for many companies to resist. But rushing into the cloud without a security strategy is a recipe for risk. According to the survey, 43 percent of respondents are using cloud services such as software as a service or infrastructure as a service. Even more are investing in the virtualization technology that helps to enable cloud computing. Sixty-seven percent of respondents say they now use server, storage and other forms of IT asset virtualization. Among them, 48 percent actually believe their information security has improved, while 42 percent say their security is at about the same level. Only 10 percent say virtualization has created more security holes.

Security may well have improved for some, but experts like Chris Hoff, director of cloud and virtualization solutions at Cisco Systems, believe that both consumers and providers need to ensure they understand the risks associated with the technical, operational and organizational changes these technologies bring to bear.

"When you look at how people think of virtualization and what it means, the definition of virtualization is either very narrow -- that it's about server consolidation, virtualizing your applications and operating systems, and consolidating everything down to fewer physical boxes -- or it's about any number of other elements: client-side desktops, storage, networks, security," he says. "Then you add to the confusion with the concept of cloud computing, which is being pushed by Microsoft and a number of smaller, emerging companies. You're left scratching your head wondering what this means to you as a company. How does it impact your infrastructure?"

Cisco Systems
Loading...
Data Center MarketSpace
Virtualize SharePoint and SQL Server Now - Maximize Efficiency and Availability with Hyper-V R2 and NetApp
 Maximize Efficiency and Availability with Hyper-V R2 and NetApp Learn more »
Secrets to Shrinking Your Storage
Realize great capital and operational savings by leveraging Microsoft® Windows® 2008 Hyper-V™. Learn more »
Guidelines & Best Practices for Integrated Architectures
The NetApp technologies discussed in this technical report are important to achieving an integrated storage solution. Learn more »
Improve Underlying Storage Infrastructures Right Now
This paper addresses the many Exchange, SQL Server, and SharePoint implementations running on inefficient storage infrastructures. Learn more »
Advantages in the New Telecom Marketspace
The purpose of this paper is to explore smarter products and discover some best practices that businesses can employ to build smarter products and drive innovative technologies. Learn more »
Unleashing the Power of Customer Data
Best Practices for Database High Availability
 Best Practices for Database High Availability Learn more »
Connecting to the Cloud
F5 and VMware partner to enable live application and storage migrations between datacenters and clouds. Learn more »
 
SPONSORED LINKS
 

White Paper: Right-Sizing Your Power Infrastructure

Lower IT Costs with Oracle Database 11g Release 2

New technology that addresses challenges organizations are facing.

Maximizing efficiencies with unified communications.

Unified Communications: Thoughts, Strategies and Predictions. Join the discussion.

Cut Costs & Green Your IT Operations with PC Power Management

Webcast: Unleashing the Power of Customer Data

White Paper: Legacy Tools: Not Built for the Helpdesk

Taking a Seat at the Executive Table: The Reality of Virtualization

The Total Economic Impact of Network Security Intrusion Prevention

Generation Remote Infrastructure Management - Changing the Paradigm

Achieving Business Agility with Application Grid

Taking the Service Desk to the Next Level

Learn about The Information Technology Infrastructure Library.

Build your 1st app FREE with Force.com

Read about how to add efficiencies with Microsoft Virtualization.

Dark Fiber from Sunesys Save on Unlimited Bandwidth with Fixed Costs.

Forrester Webcast - Managing Desktop Support Costs

Be Prepared for Windows 7. Register for this Webcast Series.

Top Five CIO Challenges

AT&T Synaptic Storage as a Service. Expand on demand

Webinar: Jump-start your in-house e-discovery with Ringtail QuickCull from FTI Technology

Read the RSA report: Security for Business Innovation

64-page prescriptive guide to security, compliance, and IT operations.

Virtualization Technology as a Business Solution

State of the Data Integration Market

Server Consolidation: Leveraging the Benefits of Virtualization

Efficiency goes up. Costs come down.

Verint Systems. Discover the Power of Intelligence in Action"

Upgrading to VMware vSphere with vWire

See how AT&T can help protect your network.

White Paper: 5 Best Practices for Smartphone Support

Global Research: CIOs Weigh In On Virtualization

White Paper: Next Generation Remote Infrastructure Management

Seven Design Requirements for Web 2.0 Threat Protection

Cloud-Based Email Management: Opinion Shifts In Favor

Ready to virtualize tier one applications? Check your virtualization maturity.

Seven Ways ITIL Can Help You in an Economic Downturn

Tips for successful virtualization management.

Five CIO challenges addressed by better change management

CA ARCserve r12.5 is More Than Backup! Download Trial Version Today

Secure & simplify your data center w/Juniper Networks.

Gartner ITxpo Panel Webcast: Real-world Early Adoption of Windows 7.

Masters of Virtualization and Cloud Computing - Daily News

Stay informed with custom newsletters from Tech Dispenser

Trend Micro ranked #1 against real-world malware. Read more.

Streamline IT Costs. Boost Performance with WAN Optimization.

Build your 1st app FREE with Force.com

The rules of infrastructure management just changed.

A Clear View Toward Virtualization

 
 
RESOURCE CENTER
 
buy a link »
Ads by TechWords