Whose Cloud Is It, Anyway? Conversations with SiliconAngle
Back in 2013, the security consultant and blogger Graham Cluley stated that ‘replacing all instances of the word "cloud" with "somebody else's computer" might make organizations stop and think about the real security implications of cloud computing.’
I recently met with Jeff Frick, blog editor of SiliconAngle to discuss precisely this issue. Cloud solutions offer companies rapid scalability in their infrastructure and compute resources without large upfront costs. However, they are not without security risks, and there are substantial differences between public and private cloud options. Too many organizations don’t really understand the technical differences between private cloud and public cloud deployments, even if they understand the benefits they stand to gain.
In a private cloud environment, you essentially own the entire infrastructure, so you can load whatever equipment or software you like into that environment and virtualize it. As we know, comprehensive information security depends on comprehensive visibility into your network and data. In a private cloud, this visibility is achieved with a virtual tap, which gives visibility into the virtual data center network traffic, enabling IT and security teams to monitor what’s going on. You retain full control of your infrastructure, both physical and virtual.
However, public cloud offerings like Amazon Web Services (AWS) and Microsoft Azure are rather different. You don’t own the infrastructure – the public cloud provider does. To borrow Graham Cluley’s words, your data is being stored on, and processed by, somebody else’s computers. You have no option of forcing Amazon or Azure to install tapping software or hardware for your specific data. As a result, most people don’t have a complete understanding or even visibility of these processes happening in the public cloud.
“But these processes are happening to my data,” you might say. “If I can’t see what’s happening to my data, how can I secure it?” Well, exactly. This is why Ixia is working to develop new innovations in visibility which can offer users the same visibility into those external, public cloud environments that they can enjoy in the private cloud.
The full conversation with SiliconAngle’s Jeff Frick, which also expands into areas such as testing network infrastructures to handle the explosion in mobile devices, evaluating the security of IoT devices, data privacy in the era of big data, and much more, is HERE.