Is the cloud too much of a good thing? Virtualization and cloud computing have been one of the biggest technological advancements of the twenty-first century and they continue to grow at an amazing pace. Cloud computing has started to obtain mass appeal in corporate data centers as it enables the data center to operate like the Internet through the process of enabling computing resources to be accessed and shared as virtual resources in a scalable manner. Each day there seems to be a new announcement or press release about a new product or service that has been released utilizing some form of cloud computing, and I do not see this trend changing anytime soon.
I have had the chance to read some really good posts and articles on cloud security that are warnings that we are moving way too fast into the cloud without fully looking at and considering the security aspect of what the move to the cloud really means. I know for the security folks this warning is nothing new and something the security teams have been trying to warn us about.
In cloud computing, the word cloud (also phrased as “the cloud”) is used as a metaphor for “the Internet,” so the phrase cloud computing means “a type of Internet-based computing,” where different services — such as servers, storage and applications — are delivered to an organization’s or person’s computers and/or devices through the Internet. Before the cloud, we utilized firewalls to block and protect ourselves from the Internet; now it seems we are quite comfortable sending all of our data there. As a consumer, there are a handful of cloud services that I connect to daily, and I took a moment to really take inventory of what I have out there and paused to think and question if my data is where I thought or expected it to be.
One of the main purposes of the hybrid cloud is to be a scalable part of a company’s own private cloud and/or infrastructure that, when done right, should be completely invisible to the users of the services. When demand is high, resources can be added as needed from a public cloud without skipping a beat, but at the same time, I wonder if my data is safe and secure in the companies’ private clouds, where I thought the data was headed, or if the data a detour to Amazon, Rackspace, Microsoft, or any other public cloud provider.
In the corporate world, Software-as-a-Service (SaaS) is becoming increasingly popular and has the potential to spread a great deal of corporate private data all over the internet. I believe we need to really begin the painful process of taking a serious look at security in the cloud, and we need universal standards and procedures for securing and reining in our data.
If the gap between cloud security and cloud services continues to increase, then it is just a matter of time before we have a major breach that will compromise millions of people’s private data, which will result in calls for governmental oversight and compliance. We can either handle this issue as an industry or wait for governments to do it for us. Sooner or later this will have to be addressed and handled, and until then I believe a fuse has been lit and we are just waiting for the boom.