Cloud computing’s secure silver lining

Grazed from Business Day.  Author: Sean Wainer.

THE most recent data leakage scandals have all been about information assets in the incorrect places, both in terms of insecure storage and the wrong hands. The business of e-security concerns itself with monitoring and tracking data as it moves around — an increasingly difficult task given the complexities of modern working practices and the diversity of devices in use. One answer is cloud computing, the system of storing data in one place and delivering it to computers across the internet. Cloud removes these difficulties in a very simple way: data never moves. With desktop virtualisation, data assets and applications are centralised in the cloud, but are accessible from a number of devices and locations…

Employees get improved flexibility with no decline in usability — the users’ perception is largely indistinguishable from a local PC. For an organisation, however, the cloud offers very real security benefits: centralised encryption, greater automation and the elimination of the need for removable media that is vulnerable to loss or damage by human error. Theft, loss, malfunction or damage of hardware is also no longer a problem, with data preserved on the cloud, already prepped for secure use on the next device.

Traditional antivirus and endpoint security can no longer keep up with an ever-changing range of threats. Neither effective, efficient nor economical, the days of centralised index and attack file protection measures are gone, with c loud technology offering better alternatives. With services delivered through the cloud, security threats are quickly identified and dealt with.Rather than having to analyse assorted systems with varying degrees of security and infection, cloud providers can capitalise on the advantage of scale. With a centrally hosted system image, threats can be removed, unwelcome additions or modifications quickly detected, and compromised instances quarantined, without any risk of loss of data. Clean applications can continue to be broadcast to clients. Threats picked up on individual virtual machines can never reach back to the data centre, so sensitive data always remains secure.

Rather than dedicating resources to an all-or-nothing attempt to erect barriers, cloud endpoint security goes to the next step: ensuring attackers can gain nothing from infiltration.

A truly dedicated distributed denial-of-service (DDoS) attack can involve an overwhelming onslaught of data from a potentially large number of sources. Even the strongest endpoint security and most secure data can fall victim to it. In this case, cloud is not a magic bullet, but the enhanced systems and expertise of cloud partners can bring you valuable resilience — certainly beyond the level any one organisation’s overstretched IT department could provide. No matter how strong an individual data centre’s security, it is limited by the finite number of servers it possesses. Cloud systems, in contrast, have the flexibility of greater server availability. In the face of a DDoS attack, targeted services can be transferred to unaffected resources as endangered ones are fortified and made available again. With time, security vendors will adapt to this. The result will be security that is not only strong, but smart.