7 Ways Cloud Computing Propels IT Security
A spate of high-profile public and private cloud security breaches is helping to push advancements in security such as encryption. Here's a look at 7 ways the cloud may be the largest driver of IT security today.
![](https://eu-images.contentstack.com/v3/assets/blt69509c9116440be8/blt79e721871e158658/64cb3941d512227d00139826/Slide1_Intro_CloudSecurity_chargerv8_iStock_000077430721_Large.png?width=700&auto=webp&quality=80&disable=upscale)
To some, cloud computing and IT security do not intersect. The results are often disastrous. Considering the huge amount of press that cloud computing receives when breaches occur, it's easy to understand why they believe that. But if you look at IT security from a wider lens, you'll see that cloud computing technologies are actually helping to propel IT security at rates never seen before.
Indeed, some of the advancement of security mechanisms and architectures such as end-to-end encryption can be traced back to public and private cloud security breaches where sensitive data was stolen for profit or fun.
This brought the topic of encryption to the forefront of conversation in CIO circles around the globe. It also likely contributed to the recent skyrocketing adoption rates for encryption. According to a recent Ponemon Institute study that polled more than 5,000 IT and business managers from various parts of the world, 41% said that encryption has been adopted extensively in their organizations, an increase from 16% in 2005.
The fact goes to show that shortcomings of cloud computing -- especially from a security perspective -- are being addressed with better tools and processes.
[See 10 Cloud Jobs in Highest Demand Now.]
Other reasons why the cloud is driving security have to do with the flexible architecture infrastructure administrators now hold in their hands. Because cloud architectures are virtualized and driven by software, we suddenly have a vast amount of control over the design and deployment of an infrastructure. Add to it the wide availability of security tools with very low upfront costs, and you have a nearly bottomless security tool chest to pick and choose from.
Also, because of its distributed nature and fault-tolerant architecture, the cloud is becoming the de facto place to deploy security tools and services. The concept of private enterprise has long melted away. It now simply makes sense to start deploying the majority of security tools where we compute and where we store data the most.
Here are seven reasons why the cloud is the single largest driver of IT security today. Take a look and let us know how (or if) you think the cloud can take IT security to the next level.
With all the data breaches that have been occurring over the past few years within the private sector, governments, and with service providers, it's no wonder that cloud customers are seriously concerned about protecting their data as it rests in a third-party operated cloud. Because of the concern with cloud data breaches, we see a significant adoption rate of data encryption -- while data is either at rest or in motion.
One of the most difficult problems facing enterprise companies today in terms of IT security is finding qualified individuals to implement and manage security tools. The cloud is helping to shift this burden from businesses by offering many security solutions such as malware, email, and Web security tools as cloud-based services.
Cloud computing companies -- primarily those dealing with infrastructure-as-a-service and platform-as-a-service offerings -- are giving businesses the freedom to pick and choose what security tools they want to have or try in their cloud infrastructure. Cloud marketplaces offer a huge amount of security options to try out and integrate into your production network at prices that are often significantly less than purchasing a solution outright and implementing it in-house.
One of the bigger issues when it comes to cloud computing is a lack of visibility at lower layers. This low visibility creates potential blind spots where security vulnerabilities -- and possibly breaches -- can occur. To help alleviate the visibility problem, tech companies are hard at work developing new security solutions. Things like Microsoft's Customer Lockbox for Office 365 is a great example of assistance for the problem. The Customer Lockbox gives customers the assurance that they have full control over who has access to their cloud-stored content. This includes Microsoft cloud engineers themselves.
Several security protocols, such as secure socket layer (SSL), require a trusted third party to verify that the two parties that wish to speak to each other are indeed who they claim to be. The problem with third-party verification is that it is expensive and overly centralized.
An alternative to third-party verification is known as blockchain. It's the verification system that digital currency Bitcoin relies on. With blockchain, you eliminate the need for a trusted third party and instead rely on a distributed consensus method. It's highly secure and becoming so popular that IBM has recently announced it is placing a significant portion of its weight behind it.
Thanks to the advances of big data -- with the help of massive cloud computing architectures -- we are now seeing huge leaps in authentication technologies. For example, big data can be used to "gather information from several sources, including user behavior and device usage, to create a profile that is unique to the account owner." Once created, the profile can be used to monitor and detect potential malicious authentication activities that would be outside of the norm for that given profile. Not only will this type of authentication be more secure, it will be virtually transparent to the end-user.
Several security vendors are building massive, cloud-based security services that essentially deploy thousands of security sensors around the globe. These threat intelligence clouds then monitor global traffic to identify emerging security anomalies that could pose threats to customers. Once identified, the vendor then pushes various protections down to customer firewalls, intrusion prevention systems, and other on-premises security tools to eliminate the potential threat. All of this is done in real-time, in an automated fashion, all thanks to the cloud.
We're all becoming part of the cloud -- both in our daily lives and for conducting business. It stands to reason that the underlying architecture we rely on most is paving the way for the latest security tools' services and innovations. At the end of the day, we simply want to keep our digital lives and businesses safe. For most of us, data security and cloud security now go hand-in-hand.
We're all becoming part of the cloud -- both in our daily lives and for conducting business. It stands to reason that the underlying architecture we rely on most is paving the way for the latest security tools' services and innovations. At the end of the day, we simply want to keep our digital lives and businesses safe. For most of us, data security and cloud security now go hand-in-hand.
-
About the Author(s)
You May Also Like