One of the biggest questions I get is about the security implications of cloud computing. Customers want to know how to secure your data, your assets, the compute environment etc. etc. as they adopt cloud computing.
In the traditional IT world, our security options are quite clear. You put firewalls and parameters around your environment and don’t let anyone in. As the use of the Internet increased, we started providing VPN access for folks. This allowed them to start using assets—which were still held behind a firewall--in a secure way.
Cloud is turning things completely around – now we are placing our assets outside our own four proverbial walls. We are more and more reliant upon others to provide security. Now we are in an open environment where risks are greater. Our past experiences dictate that we should add more security layers and/or not go on this path all together; yet, we see the benefits that cloud brings in agility and efficiency. If we see things logically we have no choice but to move forward – a complete paradox.
Is it possible to protect a teenager from danger?
Now, let’s compare this paradox to raising children. I have young kids – pre-teens. I look at their security and safety by making sure that they are eating right stuff, are picked up and dropped off to school in a safe fashion and if they go somewhere their mom or I accompany them. It is almost like securing the parameters in the traditional world of IT.
I also know that as my kids grow older and get into their teen years they will go out on their own. They will take on adventures which might seem risky to me as a parent but are essential in their growth and path to adulthood. They are also going to be more irrational and impulsive. The first instinct should be put more restrictions and go into a complete lock-down mode.
Yet, as sane adults we also know that we have to let our kids grow. We also know our existing ways of applying safety and security policies and rules are not going to be that effective. Unfortunately, society says we can no longer lock our kids in the tallest tower until they are 25. Shucks.
So what are we to do – should we bury our head in sand as a parent? Should we look the other way with our IT governance and security? Wait out the storm and hope for the best – for both our growing teenage kids as well as our march to cloud computing. No, of course we shouldn’t look the other way. But what should we do? The answer actually in both instances is remarkably similar – TRUST.
Using the past to build the future
Hopefully we have provided the right tools and guidance to ensure that our kids can make the right decisions. We have instilled in them that the company they keep is extremely important and that we have also provided help in picking their friends and acquaintances. All of this culminates into the trust relationship that we have been building with our kids over the years and the belief that they have a sense of our values.
Cloud security is again quite similar – as I mentioned it starts with the right upbringing. Instead of simply looking at security as piece and parts and only securing the parameters, we need a more comprehensive view. We should look at security in a holistic view from the moment applications are designed, tested and delivered. We also need to examine all the elements of underlying resources—being proactive and rather than reactive—and of course, choose the right partner. You want to choose a partner that values your security needs and has adopted robust security policies throughout their own planning and delivery. This trust relationship is the only way forward whether it is with our kids or with our cloud partner.
As you consider the unique needs of your environment, look thorough our Cloud Security offerings to see how we can meet them.