Cloud computing presents new security challenges

Ask a bunch of business IT managers their buzzwords for 2010, and you'll be certain to find word 'cloud' appearing in the top ten.

Cloud-based services have revolutionised computing for home and business users, with music services such as Spotify enabling users to stream content over the internet.

For businesses, could computing offers a host of possibilities. Hosted apps - known as 'Software-as-a-Service' (SaaS) - such as the services provided by Google, Campfire or Zoho, enable workers to collaborate, sharing documents and spreadsheets online. They can also cut costs, because many are accessed entirely via a web browser, without the need to install any other software.

Infrastructure-as-a-Service (IaaS) takes cloud computing to the next level, with firms being able to access virtualised operating systems, servers and other resources remotely over the web using high-speed connections.

But with services such as hosted storage meaning that valuable business data travels through cyberspace, the need for security is greater than ever.

Which is why the findings of a report released in April this year by PricewaterhouseCoopers (PwC) are so shocking. While 75 per cent of large organisations and 57 per cent of small businesses said they used encryption to protect data held on local hard disks, only 14 per cent of large enterprises encrypted the data they held in the cloud. For smaller firms, the figure was even lower, standing at just 9 per cent.

Randy Heffner, Vice President of Forrester Research, says IaaS has brought about a "fundamental shift in the security boundary".

"For many firms, the most fundamental security boundary between their infrastructure and the rest of the world consists of the perimeter security provided by firewalls in their [premises]," Heffner says. "IaaS moves the fundamental security boundary to the configurations of virtual machines and virtual network paths in your IaaS providerʼs data centre."

The answer, says Duncan Hughes, systems engineering manager EMEA at storage and networking specialist Brocade is a holistic approach to security, with protection built into every aspect of our increasingly convergent communications networks.

"We need to go deeper than the multi-layer security approach we have today to enable the network to defend itself against threats in the infrastructure," Hughes says. "If you think about telephony, a lot of communication is happening at a peer-to peer-level, and weʼve got no visibility of whatʼs happening to that... traffic. Weʼre going to need security at every point of the network."

To read Brocade's end-to-end guide to cloud security for enterprise, download it at our sister site, ITWhitePapers.co.uk.