What’s at stake in the cloud?
October 5, 2011
The new federal strategy for implementing cloud-computing solutions is called “Cloud First”— and with good reason. We now systematically prefer cloud-computing solutions to those based on local servers and laptops. The allure of efficiencies, economies of scale, high-end services and — most importantly — reduced costs are almost irresistible.
But, as American governments at the federal, state and local levels rush headlong toward cloud computing, wouldn’t it be wise to pause and ask, “What’s at stake?”…
The current structure of the Internet is fundamentally open — open in terms of access and open in terms of use. But this openness has consequences. As deputy secretary of Defense William Lynn said in a speech announcing our military’s Strategy for Operating in Cyberspace: “The Internet was designed to be open, transparent, and interoperable. Security and identity management were secondary objectives in system design. This lower emphasis on security in the Internet’s initial design … gives attackers a built-in advantage.”
The transition to the cloud gives us a chance to change that flawed security paradigm. We can, if we choose to, build in more powerful security principles from the beginning as integral components of cloud architecture. Where more sophisticated and costly security solutions are too expensive for an individual user (or small network), they are more affordable when the costs are distributed among a larger group of users.
Likewise, sophisticated solutions that could be too cumbersome to run on a stand-alone personal computer or laptop (or today’s tablet or phone) can run effortlessly on the larger server systems maintained by cloud service providers. Thus, if we invest our capital wisely (like creating an efficient data management and authentication structure), the transition to cloud computing can hold the promise of high-end security even for routine data transactions.
But, just as these economies of scale offer the promise of greater security, they also create greater vulnerabilities and threats that must be addressed before we can say that cloud computing is secure.
The accumulation of vast stores of data and computing power in cloud-based systems will provide online thieves and hackers and nation states bent on espionage with an exceedingly attractive target. In a survey of attendees at the 2010 DEFCON conference, one of the largest hacker conferences in the world, 96 percent of hackers believed the cloud would open up more hacking opportunities for them, while 89 percent believed cloud vendors were not doing enough to address security issues.
Given the potential nature of cloud services, in the event of data theft or loss due to illegal or intrusive actions, cloud clients could be subject to legal and/or financial liability for breaches over which they have little knowledge and even less practical control.
Users might also need to create independent Continuity of Operations Plans (COOP) to ensure functionality and survivability if cloud service is disrupted. One essential part of any COOP will have to be the ability to change cloud or other network service providers should the need arise.
Will there be sufficiently common standards that govern “cloud” service to make any such transition possible and not overly complex or costly?
Any system is subject to insider threats. The more concentrated the data, the more catastrophic the failure if the threat materializes. In the cloud, an insider with access can replicate, download, steal, delete or modify multiple clients’ data unless effective internal security measures are implemented. Personnel screening, internal security and the like will be the responsibility of the cloud manager. How transparent will this be to clients since users will be dependent on the cloud manager’s effectiveness?
To date, most cyberattacks have in reality been examples of theft — personal data, intellectual property, state secrets — conducted for malice, profit or espionage. And unlike parallel activity in the physical domain, which usually only directly affects large commercial and governmental interests, cyberattacks can directly affect individual citizens. In the cloud, it is their data that is stolen and their services that are disrupted.
Breaches in the cloud could be more catastrophic than breaches in discreet networks or systems. Overstating the threat only slightly, the difference is between breaking into an individual home and breaking into a large, theoretically secure building filled with unlocked condominiums.
There are fundamental challenges and opportunities for cloud providers. Will they develop a business model that emphasizes merely price and efficiency, or will they strive to make security services a key discriminator between their offerings and those of their competitors — even if that means reinvesting some portion of the cloud’s “savings” back into a more secure architecture. Let’s hope for the latter.