The changing face of security in the age of the cloud

The computing world just keeps on progressing but, as we all know, with progress come additional challenges. This is especially true of challenges around security. Every advance in computing has given rise to the same question: “how do we secure this new toy?”

When client/server architecture was all the rage in the late 1990s, there was great excitement about the advantages it brought, but also concern about the security implications of distributed clients and centralised servers. When server consolidation came of age in the early 2000s, the concern was how to keep applications secure when running on the same server.

In the age of cloud computing, we seem to have introduced more security impacts than ever before. Cloud computing has been the basis for many tremendous benefits in the computing industry and has positively impacted many businesses around the world. While we can celebrate all the advances, we need to be very aware of all the new threats that have come with the steps forward. The following are some of the areas that concern security professionals in 2017:

Cloud

As I have stated in a past article, security concerns are still the number one impediment to cloud adoption in the computing world today. With that said, more and more organisations are moving production workloads to the cloud every day and how to secure those workloads is a question with no single answer. Whether cloud workloads are treated as if they are in one’s own data center or secured through as-a-service tools, placing workloads into the cloud comes with some measure of uncertainty that requires research, planning, and execution to mitigate.

Edge/fog networks

The concept behind fog computing isn’t really all that new. I remember moving web servers to the outer edge of the network, outside the firewall, so that they could be closer to the users. The difference now is that fog computing supports larger numbers of devices either at the edge of the managed network or, in the case of IoT, placed physically very far from the control plane.

The somewhat obvious threat vector is the vulnerability of these fog/edge devices to attack and the continuation of that attack to the control plane, the aggregation layer or even all the way to the virtual private network or data centre. This needs to be dealt with in much the same way as this type of problem was handled in the past. The fog/edge devices need to be hardened, and the communications path between those devices, the aggregation layer and the data centre (cloud or other) needs to be secured.

Mobile users

It was so much easier to secure an environment when we knew who our user base was. Well, not anymore. The preponderance of mobile devices that the service developers can have no control over leaves the service network open to attack via those devices. A user who utilises the tested and secured app you provide could easily have installed another app which is just a front for malware of some kind. Beyond just writing apps that are secure, the systems at the front end of the data centre or cloud environment that support these apps have to be strongly secured. Additionally, communications between the app and the service layer need to be secured and monitored.

Malware

On June 26, the largest container shipping company in the world, Maersk Lines, Russian oil producer Rosneft, and pharmaceutical giant Merck, along with hundreds of other institutions around the world, were all but shut down by a global malware/ransomware attack.

That the perpetrators used various public cloud-based resources to launch the attack is a very real possibility. Security professionals around the globe are concerned about the form the next big malware, virus, or ransomware attack will take. Practical and logical steps, including planning for recovery, training, and maintenance, need to be taken to prevent organizations from falling prey to these attacks.

Global data expansion

Many years ago, I wrote an article on how server consolidation can positively impact data centre security by reducing the number of operating system instances to maintain and by reducing the number of possible targets for hackers. In today’s ever-expanding global data environment we have to ask ourselves: have we provided too many targets for the bad guys?

The answer is maybe. Each individual and organisation has to be engaged in preventing data loss and data theft by utilising the many means of securing data that exist today. Data-at-rest encryption, automated and versioned replication, or version backup are just some of the ways an enterprise can protect itself. These security concepts apply equally to preventing and/or recovering from malware attacks.

The only way to survive the many security threats that exist is to recognise the threats and learn about them and how to fight them; build a comprehensive plan for protecting your organisation and for reacting to and recovering from an attack; and take action, whether that is basic security maintenance or the implementation of major security efforts. Don’t just sit back and wait for an attack to happen.