Subscribe to Email Updates

Subscribe

Cloud_Security.jpg

Wary or Wise? Which side of the Cloud are you?

By Denisa Dragomir on Apr 07, 2014 | 0 Comments

March was quite a prolific month for dominant players in the Infrastructure-as-a-Service (IaaS) space. Recently, the public cloud pioneer Amazon Web Services entered the Desktop-as-a-Service (DaaS) market by announcing general availability for AWS Workspaces.

The newly-launched service offers four bundles of prebuilt software that is instrumental for the end-user experience. Licensing consists of flat monthly fees for each bundle, and among the cool stuff under the hood you’ll get coverage for mobile devices, Active Directory, PC-over-IP (PCoIP) support, persistent storage, and data encryption.

On top of it all, AWS-tailored security software is included in two of the available bundles, which is (for now) limited to a single security vendor. The way we know Amazon and their far-reaching vision in extending their service portfolio, they will most certainly consider integration with additional security vendors for future updates. 

Last month also marked a chain reaction of price cuts in IaaS and Platform-as-a-Service (PaaS) offerings, starting with  Google trimming prices for Cloud Platform, closely followed by AWS with their 42nd price reduction for several of their main services, and finally by Microsoft who also announced significant price reductions for their Azure platform. 

 

Times are changing - quickly

Let’s take a step back and view things from a broader perspective. Everyone seems to be talking cloud these days, and a growing number of businesses want it implemented in one form or another.From ambitious startups to well-established B2B companies and, most importantly, corporate giants, businesses of all sizes are moving away from old-fashioned legacy models to more flexible, economic and scalable computing.

Based on Gartner researcher Lydia Leong, public cloud traction grows exponentially with the size of the business or company that practices it, which means that all roads will eventually lead to cloud. In this top-down approach, enterprises do indeed have a decisive role in leading the way for smaller businesses. Primarily, they are the ones to build trust and educate the market about how to harness the amazing power of cloud computing while finding ways to adapt it to their business needs. I think this is the real transformation, or IT r(e)volution, we’ve all been part of since virtualization began to be consumed as a service.

Cloud_Security

What started as an IT outsourcing trend few years back (stemming from virtualization as the enabling core), rapidly grew into massive-scale adoption, reaching the point where it has become a well-established norm in production environments.

 

The new cloud routine

At one point in your work life, all IT professionals must have fired up an IaaS account in response to development and/or testing demands within an organization. This avoids the unnecessary pain of going through hardware acquisition, set-up, and subsequent maintenance. No up-front investment, no tedious set-up work; virtually endless capacity available at the drop of a hat.

More importantly, as an administrator, you can share this pool of resources across departments in a controlled and granular way, empowering end-users to provision their own instances via a self-service portal whenever necessary, with very little effort involved. I consider self-service and auto-scaling to be the key drivers for both time and cost efficiencies in the cloud, and perhaps the most exciting capabilities from a dev’s perspective.

Despite its booming popularity across various industries and service-providing businesses, there are still waves of skepticism slowing down the adoption of cloud services as a mainstream technology. Some are calling these skeptics “cloud-wary” simply because of their lack of trust in the safety of their data residing elsewhere.

As a result, they have no short-term plans of making the switch or dipping their toes into the cloud, which can be understandable in certain geo-political contexts. Other facets of the cloud, such as multi-tenancy and self-provisioning, further increase the magnitude of the problem and raise complexity around data protection.

 

 

How to isolate each tenant’s access within a shared infrastructure, how to control, monitor and better respond to any possible breach that could jeopardize your workload?

 

With security being the most serious showstopper, it is paramount for Cloud Service Providers to address security properly at an infrastructure level and make it transparent to the customer.

So far it appears that Amazon has been the most dedicated to doing just that. There is hardly any security-related question left unanswered when going through the AWS Security Center repository. This is all part of the shared responsibility model which I will be diving into with my next post.


You’re invited to comment and share your thoughts about public cloud security – are you wary or wise? Let us know.

Wondering how we approach this? Download this: “AWS & the use of Gaming strategies: imitation and reality”

Share This Post On

Author: Denisa Dragomir

Technology enthusiast with over 5 years experience in the computer security sphere, Denisa is a Junior Product Manager for Cloud Solutions at Bitdefender Enterprise. Specialized in Cloud and virtualization technologies, Denisa has a strong background in technical marketing, being actively involved in content writing and responsible for the Go-to-market strategy of Bitdefender’s virtualization security product line.