March 13, 2013 By Vikash Abraham 2 min read

While Cloud has been clearly identified as the next step to IT optimization, essential for increased performance and cost reduction, many of us are in a haze when it comes to the fundamental security measures required.

Our fears related to cloud security, for e.g the fear of the unknown ( where is my data stored?) and the fear of the unseen (how does my data flow from one Virtual Machine to another) and the fear of how ‘secure’ the cloud really is lead us to be wary of cloud adoption. Also the new layers of infrastructure create new grey areas, requiring new security solutions such as Virtual Server Protection for specific protection.

Basic components of Cloud and ways to optimize their security

Even though the cloud uses a different mechanism to serve IT infrastructure, be it computing power, memory or storage, the elements that create a cloud still include traditional datacenter components – servers, network, nodes and endpoints. The risks that exist in traditional data centers are also relevant in a cloud environment. Hence, traditional protection solutions such as Firewalls, IPS and Anti-viruses for physical hosts are essential to secure the cloud too. But how do we get smart in customizing traditional solutions to adapt to the requirements of the cloud?

Three cloud scenarios and the relevant host security features

1) Heterogeneous components:

The Cloud is about heterogeneous components coming together to serve as a single standard entity: this would mean that the host environment in a typical cloud would include different types of endpoints running different OS platforms. If separate security products are needed for different OS systems, it would become an administration and configuration nightmare. Hence, a single host protection solution that can support many platforms could reduce considerable effort and cost.

2) Distributed resources:

The Cloud is about a large number of distributed resources working together: this would mean a large number of endpoints at different locations that need to be managed, configured and secured. Again, an administrative nightmare to track and maintain security policies across these endpoints. Here, centralized security management of endpoints needs to be a part of the security solution.

3) Multiple technology layers:

The Cloud is also about multiple technology layers that work seamlessly: the higher the number of layers, the more the chances of gaps and vulnerability. Hackers identify easy entry points and don’t limit themselves to one point of entry. Using techniques such as ‘Advanced Persistent Threats’, they attack through multiple vectors. Security administrators need to ensure that they stay ahead of the hacker and secure the infrastructure from organized attacks.  It is essential to implement a security product that can not only do its specified point job, but can communicate with other security components. This integrated approach will enable identification and blocking of advanced threats to the cloud.

I look forward to your thoughts, queries and comments. Watch out for upcoming blogs that will feature relevant IBM Security solutions to help you resolve these issues.
Learn more about how IBM Security’s Host Protection solutions address cloud security.

More from Cloud Security

Risk, reward and reality: Has enterprise perception of the public cloud changed?

4 min read - Public clouds now form the bulk of enterprise IT environments. According to 2024 Statista data, 73% of enterprises use a hybrid cloud model, 14% use multiple public clouds and 10% use a single public cloud solution. Multiple and single private clouds make up the remaining 3%.With enterprises historically reticent to adopt public clouds, adoption data seems to indicate a shift in perception. Perhaps enterprise efforts have finally moved away from reducing risk to prioritizing the potential rewards of public cloud…

AI-driven compliance: The key to cloud security

3 min read - The growth of cloud computing continues unabated, but it has also created security challenges. The acceleration of cloud adoption has created greater complexity, with limited cloud technical expertise available in the market, an explosion in connected and Internet of Things (IoT) devices and a growing need for multi-cloud environments. When organizations migrate to the cloud, there is a likelihood of data security problems given that many applications are not secure by design. When these applications migrate to cloud-native systems, mistakes in configuration…

New cybersecurity sheets from CISA and NSA: An overview

4 min read - The Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA) have recently released new CSI (Cybersecurity Information) sheets aimed at providing information and guidelines to organizations on how to effectively secure their cloud environments.This new release includes a total of five CSI sheets, covering various aspects of cloud security such as threat mitigation, identity and access management, network security and more. Here's our overview of the new CSI sheets, what they address and the key takeaways from each.Implementing…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today