Cloud Security

With the threat landscape growing day by day, the technology investments by the business are in serious considerations of security across the enterprise. With the cloud adoption in the past years and the forecast made solution providers to invest largely in securing cloud infrastructure.

With the mobile devices are in rapid growth at the enterprises, the IT Model is changing to a model where the provisioning of information areavailable on a timely manner on a simple click. The traditional infrastructure of centralized servers are getting consolidated to the cloud.  The organizations are realizing the benefits of moving to cloud with the concerns over the security and availability at the same time.

The organizations security needs are changing because of the ongoing transitions of IT infrastructure and the challenge is to provide employees with an effective way to use the cloud services while addressing the security and policies.

IT Governance, Risk and Compliance are the major factors of any cloud offering and organizations needs to look at these aspects to provide a perfect model. The four security issues need to be addressed while defining the model such as

With devices moving around between clouds, identifying and setting policies for critical data and applications are the primary step in any cloud security polcy.  Policies should be  in line with the business needs, resources, compliance and security architecture. The defined policies will need to move with your data and resources as they migrate, which will create new challenges in maintaining the security and compliance.

While mobilizing the data and resources to the cloud, organizations need to consider various aspects such as data classifications and life-cycle management, Compliance and audit policies with reporting, Scalability and performance.  In a cloud services model, multiple parties’ data may be existing and the services or applications may exist in a single physical server running virtual machines.  This creates concerns for the security, compliance and audit team to think about

  • How to control the data and applications?
  • How the segmentation between data is functioning between those virtual resources?
  • How to Audit and control of the data stored in the public cloud with not much visibility into the provider’s infrastructure.

Matured cloud security solutions provide various options for the customers to secure their data and address these concerns. These solutions introduces Firewall and network access control between the virtual resources with proper network policies managed by the customers.  Segmentation or zones created between the resources and virtualized platforms creates the security boundaries and protects the critical data.

Identity management including user/device provisioning and de-provisioning is one of the main challenges for organizations moving to a cloud or virtualized environment, where the resource allocation are dynamic and mobile.   The cloud providers adopts different ways to address the Identity and access control by implementing different authentication methodologies depends upon the deployment model.  Single sigon, Two factor authentication, Digital certificates are widely used across various cloud solutions to address concerns.

iam

Microsoft uses various authentication methods and the below figure illustrates accessing services thru SSO authentication.

Most public cloud providers have features that can restrict access to resources, but few are truly content-aware.  If these controls do not have context for the data they contain, and specific policies that can identify the data as it traverses the cloud environment logically or geographically, the chances of data leakage is high and detection is difficult.

For private cloud setups, The Data Leakage Prevention (DLP) Solutions can be implemented as the owner of the cloud can define and control the policies over their data.

Incident Reponses and Assessment

Incident response in cloud environments requires strong infrastructure management along with robust monitoring and alerting mechanism. For Private clouds, organizations need to have strong management capabilities and visibility into their systems. Virtualization tools helps us to run the infrastructures and setup own monitoring. Some of these tools include virtualization-specific log management, and intrusion detection, security event management, anti-malware and quarantine capabilities (including Network Access Control, or NAC).

In the case of Public clouds customers needs to know how the service provider monitor and stores the data and how does the auditing happens?  It is also important to know how the data segregation happens between different customers data if they are existing in same servers.  The cloud providers gives you various controls in terms of tools such as virtualization monitoring, SIEM, NAC etc.  When deciding to move to the public cloud infrastructure, it is important to find out the various options the provider gives to their customers including these technology monitoring and management tools.