Security Concerns Over a Data Center in the Cloud

With the data center moving to various cloud configurations, server provisioning will be a concern.

By Mathias Thurman
Mon, May 07, 2012

Computerworld — My company has outgrown its offices and will be moving to a new facility next year. While the company as a whole will have more space, the data center will shrink to less than half the square footage it now occupies. The goal is to decrease the data center footprint by 60%.

Trouble Ticket

SaaS server provisioning could lead to security woes. Action plan: Implement tight security, application and infrastructure controls.

Naturally, the cloud will be key to that data center shrinkage. And of course, whenever the cloud comes into play, security concerns have to be taken into consideration.

At this point, we have a lot of experience with cloud infrastructure. We usually choose software-as-a-service vendors for new enterprise applications, our engineering departments build demos in public cloud environments, and even our own product is a SaaS offering.

We will be hosting our servers in three types of environments. The first, a public cloud provider such as Amazon EC2, will have no relationship with our internal network. The second is what I call a hybrid cloud in which we host infrastructure (including virtual servers) at a third-party data center and build a VPN tunnel back to our company, creating a trust relationship. The third is a private cloud, where we will host a virtual environment on our own network.

To govern, automate, control and gain visibility into these various environments, we've been looking at a couple of companies that offer a one-stop shop for the provisioning of servers in all three cloud environments. This is the part that scares me. I don't want engineers who access this new platform to be able to provision a server on our company's DMZ, by mistake or otherwise. Nor do I want them to be able to provision critical production servers on Amazon. I'm very sensitive about our Internet exposure.

I'm also uncomfortable with the idea that much of our data center infrastructure will be accessible from anywhere on the Internet. Today, if an engineer wants to provision a server, he has to be physically located in one of our facilities or be on our company network. The cloud opens things up so much that a server could be provisioned from an untrusted Internet kiosk in Mexico, for example.

Therefore, I've asserted five security requirements for this initiative.

The first is that access to the new platform, and any company-sensitive data stored on it, must either be restricted by IP address or incorporate some form of two-factor authentication. Regardless, access needs to be encrypted.

1 2 next page »

Originally published on www.computerworld.com. Click here to read the original story.

More from CIO

You are here: Technology Topics » Cloud Computing » Feature

Most Recent Cloud Computing Stories

White Papers »

Total Cost of Ownership Comparison of MongoDB & Oracle

In this white paper, we compare the total cost of ownership (TCO) of MongoDB and Oracle. It can be faster and cheaper to develop and deploy applications on MongoDB than on Oracle Database.

How Apollo Group Evaluated MongoDB

Apollo Group, best known as the parent company of the University of Phoenix, sought to build a cloud-based learning management platform and needed a new data store to support it.

Big Data: Guidelines for the Enterprise Decision Maker

In this paper, we begin with a description of Big Data and the data management landscape. Next, we describe examples of customers innovating with Big Data using MongoDB, the leading NoSQL database, which has been a catalyst of the Big Data movement.

Putting The Cloud To Work For Your Mobile App

Utilizing the cloud can give your mobile app's performance a boost and can help diminish the worry of an outage by optimizing how you configure your DNS.

Cloud Impacts and Outcomes for Business Leaders

Learn More

Wanted: A Trusted Provider for Public Cloud Services

Learn how Dell's cloud strategy, built on the highest level of VMware integration and security, is enabling enterprises to get out of the data center business by leveraging Dell as a trusted cloud service provider.

Webcasts »

Innovation in the Cloud

Managing HR and financial information in the modern business requires efficient business practices and technology.

Business Transformation with the Cloud

Learn about the economic benefits of the cloud, the myths that surround the cloud, how you can drive IT as a service success, and more.

Video Conferencing: A Dive Into The Industry's Hottest New Trends

View Now!

IDC Webinar: Finding the Key To Unlock Cloud Connectivity Performance

Improving the performance of Cloud-delivered business apps is shaping the evolution of enterprise WANs. In this on-demand webinar, IDC analyst Melanie Posey gives insight into how network performance fuels Cloud-based app performance.

Turbocharge Your Business: Leveraging SaaS to Drive Innovation and Results

Learn how sales, finance, marketing, procurement, and supply chain leaders are leveraging SaaS to become more agile and serve the customer better.

B2B Integration on Cloud: Real World Solutions and Technology Advances

Watch the webcast with IBM experts to learn about the advancing capabilities and strategic direction for B2B Integration on Cloud.