
Volume 1, 2010, Issue 3

MAKING THE CLOUD SECURE FOR YOUR ENTERPRISE By Ellen Rubin

Many companies would like to take advantage of cloud computing, but concerns about possible security breaches and loss of data hold them back. For cloud computing to gain traction in the enterprise, IT and security executives need to be certain that their company’s applications and data are safe. But when security is partly out of enterprise control, it becomes impossible to know if sensitive information has been accessed or compromised.


Security issues associated with third-party cloud environments continue to prevent organizations from taking advantage of the cost savings and flexibility that the cloud can offer. Today, using a public cloud means moving from an internal environment where a company has complete control of data and processes to an environment where that control belongs to someone else, and is often opaque. Within the cloud, applications run in a multi-tenant environment sharing virtual machines with other customers. Companies considering moving an application to a cloud have legitimate concerns about data being compromised or stolen, including unauthorized access by cloud administrators, exposure on the Internet, or rogue employees using the cloud to corrupt or leak sensitive information.

One solution is to keep sensitive data within the corporate data center and put the other application tiers in the public cloud. While this approach works well for some use cases, the latency impact of the “reach back” into the data center can be unacceptable for many applications and users.

Moving the entire application to the cloud—including the database tier—provides better performance and scalability, but this exposes the application to new potential threats such as those mentioned above.

Encryption is a well-known approach to addressing these types of security concerns. For protection in the cloud, the enterprise needs to encrypt all data and communications. While encrypting the application in the initial environment is usually fairly straightforward, extending that encryption to the cloud creates new security issues that have blocked many cloud deployments. In order to run the application in the cloud, the enterprise needs to deliver the encryption keys to the cloud to decrypt the data. This creates additional risks by exposing the keys in the operating environment. In the worst case, poor encryption configuration and management can expose the corporate data center to threats from the cloud.

END-TO-END ISOLATION AND CONTROL

So how do you make the virtual, multi-tenant environment of the cloud safe for enterprise use? You do it by giving the enterprise total control of its systems and data, using security technology that isolates its data and applications at all times once they leave the physical data center. This requires a security architecture that addresses three key areas of protection:

• In the data center: Role-based access control is needed to protect data and processes in the cloud from unauthorized access by internal users. Thus, administrators need the ability to set user roles and assign privileges for cloud resources. This could include what functions a user can perform, which applications they are allowed to access, and what groups they can be part of (e.g., development, testing, or production). Ideally, the same policies and mechanisms in place internally should extend to the cloud environment, transparent to users and administrators.

• In the Internet: To prevent data in transit from being exposed or compromised, data needs to be encrypted end to end, from within the data center firewall, across the Internet, and into the cloud firewall. All customer traffic between the enterprise data center and a cloud server will then pass through this secure tunnel. From the user’s perspective, set-up of this secure environment should be automatic, with no configuration work required and no need to understand the network connections or the cloud provider’s environment.

• In the public cloud: The secure tunnel originating inside the data center firewall needs to extend throughout the public cloud environment. Encryption keys need to be under enterprise control at all times and never accessible by the cloud provider or unauthorized users. Keys should be stored within the data center and transmitted to the cloud only when needed, through the secure tunnel. Cloud providers should have no access to the encrypted network within their cloud at any point—during processing, when data is stored, or in transition.

Using this approach, the cloud becomes an extension of the internal IT environment while the cloud provider sees only an encrypted connection running into one of its servers. With end-to-end isolation of applications and data, companies can run selected applications in the cloud with the same protection and control available internally. Data in the cloud is protected against potential threats from other cloud users as well as threats related to cloud provider software and procedures. Corporate IT is also able to enforce company policies in the cloud while reducing dependence on the cloud provider for security.

The approach ties in with another important aspect of cloud security: separation of roles and security controls. Since cloud computing allows a separate entity to run the physical infrastructure, it’s important to have a strong separation between the enterprise environment and that of the infrastructure provider. Mixing these controls, such as by allowing the cloud provider to have access to unencrypted data, creates complexity and dependencies that need to be managed and monitored. The ability to isolate data within a cloud provider’s infrastructure greatly simplifies server commissioning. Data protection is also independent of updates to a cloud provider’s infrastructure or software.

SECURING THE CLOUD FOR FLEXIBILITY AND SAVINGS

An end-to-end security framework greatly reduces the risk of enterprise applications running in a public cloud. The cloud environment becomes an extension of a company’s security perimeter, giving the enterprise control of its applications and data at all times, regardless of where they happen to be deployed. This control also means that organizations don’t have to understand and adapt to a particular cloud provider’s security capabilities or compensate for a particular feature they may or may not have.

Enterprises can now take advantage of cloud economics and flexibility without sacrificing the security required by customers, internal users, and other stakeholders. The days of cloud computing are just beginning, but with the right combination of cloud providers and additional technologies, it’s not too early to start doing real work in the cloud and reap the benefits of this new computing paradigm.

For more information on making cloud computing secure for the enterprise, check out the CloudSwitch white paper at http://bit.ly/doKJpO.