Click me
Transcribed

Security of Cloud Services

SECURITY OF CLOUD SERVICES SCALE OF CLOUD SERVICES USAGE based on two 2014 surveys of organizations 94% want to or already RUN THEIR COMPUTING SERVICES IN THE CLOUD 58% 29% 7% PUBLIC PRIVATE cloud PUBLIC cloud and PRIVATE 49% 35% of users and vendors of users and vendors are using the cloud for REVENUE-GENERATING or PRODUCT are using the cloud for INNOVATION OR COMPETITIVE DEVELOPMENT activities ADVANTAGE By 2017, 2/3 OF ALL WORKLOADS will be processed in CLOUD DATA CENTERS 27% are moving workloads to the cloud because they believe using a cloud platform service will help them LOWER THEIR CAPITAL EXPENDITURES growing at 5x the rate of traditional workloads within the same period APPLICATION DEVELOPMENT DATABASE-AS-A-SERVICE INFRASTRUCTURE (DBaaS) AS-A-SERVICE (laaS) in the cloud is growing by 50% is expected to double, from 23% to 44% among users 94% of organizations are running applications or experimenting with laas DATA OF THE WORLD'S DATA 90% Personal cloud traffic WAS CREATED IN THE LAST TWO YEARS and 80% of it is unstructured 20 exabytes 1.7 exabytes 5. exabytes 66% OF DATA IS IN THE CLOUD TODAY and is expected to increase to 73% over the next two years 2012 2014 2017 CLOUD-RELATED CONCERNS IN THE U.S. CLOUD BEGINNERS CLOUD-FOCUSED USERS Security 31% Compliance 18% Compliance 30% Cost 17% Multiple cloud services management 28% Performance 15% Internal systems integration Multiple cloud services 28% 13% management Governance/ control 26% Security 13% GLOBAL CLOUD-RELATED CHALLENGES What are the KEY CHALLENGES to CLOUD ADOPTION? 24 33% of organizations 31% of organizations 30% of organizations 30% of organizations 26% of organizations said cost of said integration with existing architecture said lack of visibility into future demand, associated costs said data loss said implementation/ transition/integration and privacy risks loss of control 26% of organizations 26% of organizations 21% of organizations 18% of organizations 18% of organizations said general security risks said said transparency of operational controls said lack of standards said risk of between intellectual property legal and regulatory compliance cloud providers theft and data How do international organizations rate security challenges? System availability and business continuity risks Legal and regulatory compliance Intellectual Data loss and General property theft privacy risks security risks 4.21 3.95 4.19 OUT OF 5 4.11 4.03 OUT OF 5 OUT OF 5 OUT OF 5 OUT OF 5 10% MORE LIKELY RESPONDENTS from AMERICA to cite LEGAL AND REGULATORY COMPLIANCE as a key challenge in their approach to cloud adoption THAN RESPONDENTS from ASIA 24% cited legal and regulatory challenges as reasons for exploring private cloud adoption LACK OF CLOUD SKILLS 66% 356% of U.S. & U.K. companies were looking, in 2013, to increase their IT skills BUT to the levels required to manage cloud computing deployments were not aware of any courses in cloud computing B00 42% OF U.S. & U.K. ORGANIZATIONS have had to hire IT professionals specifically for their CLOUD COMPUTING SKILLS BAA 43% OF U.S. & U.K. COMPANIES are finding it difficult to find IT professionals with CLOUD COMPUTING SKILLS 79% OF U.S. & U.K. COMPANIES reported that universities and colleges need to incorporate cloud IT skills into any relevant syllabi they offer SOLUTIONS BUILD A TEAM OF SKILLED PROFESSIONALS CIO 40% of stakeholders believe cloud adoption is an IT function. Business owners are thus realizing they cannot use the cloud without active participation by IT, but CIOS must reinvent themselves by going beyond the "ease of access" (public cloud) vs. "tight control" (private cloud) debate-considering hybrid cloud instead-and by introducing sanity into the anarchy of "cloud everywhere." While some believe the cloud will diminish the role of the CIO, he/she will actually become one of the MOST IMPORTANT PEOPLE IN THE BUSINESS. The CIO will act as the business' service integration broker on commercial, process and technical level. Cloud Developers & IT Personnel Developers usually don't consider the security of the data or application when they build an in-house-only solution. With the cloud, they must take into account the integrity and security of that data. With infrastructure-as-a-service (laaS), IT personnel will need to be business liaisons, datacenter managers, security specialists and software architects. With platform-as-a-service (PaaS), cloud developers should be skilled in identity management, connects, middleware, architecting cloud solutions and database administration. With software-as-a-service (SaaS), administrators must have planning and design skills; infrastructure skills to determine basic infrastructure requirements; skills for migrating from an existing environment to the newly hosted solution; skills for implementing and managing the provisioning of new users; skills for day-to-day service management tasks; foundational networking skills; hybrid deployment skills to determine coexistence and maintenance strategy; and skills to determine internal security and privacy policies and address any concerns or legal requirements. DEVELOP SECURE CLOUD ARCHITECTURE & APPLICATIONS Real threats exist, but it's usually because the application developer has made a mistake – not the infrastructure provider. Cloud applications are subject to the same security concerns as those that run on-premise. While most of the tools are there to make cloud as secure as in-house platforms, businesses still need to take the same care with their architecture and applications as they would with infrastructure running in-house. Leaving a network port open or failing to observe coding best practices can expose the cloud to security risks, just as they can for in-house deployments. PROTECT EXPOSED DATA To keep in-transit data private, you must protect it. Solutions include application transport-layer security (using protocols such as SSL and TLS), virtual private networks (VPN), or custom application-level security. These will prevent criminals from viewing data, modifying it or injecting new data in transit. In the cloud, hackers may try to break into the file systems of running instances, into unattached virtual-disk storage such as Amazon Web Services' (AWS) Elastic Block Storage (EBS) and OpenStack's Cinder, and into other storage options, such as AWS Simple Storage Service (S3) and Rackspace's Cloud Files. To protect stored data, change the default credentials of all systems, use the access control lists (ACL) provided by the operating system or cloud API, and implement encryption along with key management. To protect data in the memory of an instance, which might be available to accounts with privileged access, businesses should limit administrative privileges on user accounts. If running a private cloud, protect the hypervisor running each instance. EMPLOY SECURITY AUTOMATION Any services exposed to untrusted parties will require vulnerability management and diligence in patching. Even with trusted parties, you need to verify the security of your data and connection. 6653741111233 1134998612213 0087443120011 5563412889107 Security automation helps businesses code the organization's data security policies. It includes identifying vulnerabilities on running instances, as well as patching those vulnerabilities. Document everything so you know the specific operating systems and instances on which all of your services and applications are running on. Diagram network and application E flows, including ports, protocols and directions and map out the roles required to access all parts of the system. Security automation starts with application design. Cloud is growing exponentially, but while providers are using high security measures, cloud is only as secure as users make it. Meaningful cloud consumption requires skilled IT professionals working in-house. Opportunity is abundant! Becoming skilled in IT and using that foundation for cloud-based skills can help you become a marketable asset amid this shortage of cloud professionals. SOURCES: TITLE 1: http://www.slideshare.net/mjskok/2014-future-of-cloud-computing-4th-annual-survey-results http://mjskok.com/news/news-breaking-down-barriers-to-cloud-adoption http://www.rightscale.com/blog/cloud-industry-insights/cloud-computing-trends-2014-state-cloud-survey#Cloud-Benefits-Grow- in-2014 TITLE 2: http://www.everestgrp.com/wp-content/uploads/2014/03/2014-Enterprise-Cloud-Adoption-Survey.pdf?mkt_tok=3RKMMJWW fF9wsRoluanNZKXonjHpfsX57uotXqezIMI%2F0ER3f0vrPUfGjl4DRMNil%2BSLDwEYGJlv6SgFSbDBMbV437gMWhY%3D http://www.kpmg.com/Global/en/IssuesAndInsights/ArticlesPublications/cloud-service-providers-survey/Documents/the-cloud- takes-shape-v4.pdf http://www.rightscale.com/blog/cloud-industry-insights/cloud-strategists-see-enterprises-gaining-confidence-security http://www.rightscale.com/blog/cloud-management-best-practices/automating-cloud-security http://careers.ieee.org/virtual_career_fair/pdf/Microsoft Cloud_Whitepaper.pdf http://www.smbnation.com/content/news/entry/rackspace-survey-demands-for-cloud-centric-it-skills-are-on-the-upswing NJIT Created by: New Jersey Institute of Technology -8,

Security of Cloud Services

shared by andrewdeen on Nov 13
81 views
2 share
0 comments
As the advancements in modern technology offer businesses solutions to streamline and decrease costs, it should come as no surprise that so many individuals and organizations plan on relying on cloud ...

Publisher

NJIT

Category

Computers
Did you work on this visual? Claim credit!

Get a Quote

Embed Code

For hosted site:

Click the code to copy

For wordpress.com:

Click the code to copy
Customize size