Tag Archives: 7

7 Ways to Secure Cloud Storage


Figuring out a good path to security in your cloud configurations can be quite a challenge. This is complicated by the different types of cloud we deploy – public or hybrid – and the class of data and computing we assign to those cloud segments. Generally, one can create a comprehensive and compliant cloud security solution, but the devil is in the details and a nuanced approach to different use cases is almost always required.

Let’s first dispel a few myths. The cloud is a very safe place for data, despite FUD from those who might want you to stay in-house. The large cloud providers (CSPs) maintain a tight ship, simply because they’d lose customers otherwise. Even so, we can assume their millions of tenants include some that are malevolent, whether hackers, government spies or commercial thieves.

At the same time, don’t make the common assumption that CSP-encrypted storage is safe. If the CSP uses drive-based encryption, don’t count on it. Security researchers in 2015 uncovered flaws in a particular hard drive product line that rendered the automatic encryption useless. This is lazy man’s encryption! Do it right and encrypt in the server with your own key set.

Part of the data security story is that data must maintain its integrity under attack. It isn’t sufficient to have one copy of data; just think what would happen if the only three replicas of a set of files in your S3 pool are all “updated” by malware. If you don’t provide a protection mechanism for this, you are likely doomed!

We are so happy with the flexibility of all the storage services available to us that we give scant consideration to what happens to, for example, instance storage when we delete the instance. Does it get erased? Or is it just re-issued? And if erasure is used on an SSD, how can we get over the internal block reassignment mechanism that just moves deleted blocks to the free pool? A tenant using the right software tool can read these blocks. Your CSP may have an elegant solution, but good governance requires you to ask them and understand the adequacy of the answer.

Governance is a still-evolving facet of the cloud. There are solutions for data you store, complete with automated analysis and event reporting, but the rise of SaaS and all the associated flavors of as-a-Service leaves the question of where your data is, and if it is in compliance with your high standards.

The ultimate challenge for cloud storage security is the human factor. Evil admins exist or are created within organizations and a robust and secure system needs to accept that fact and protect against it with access controls, multi-factor authentication, and a process that identifies any place that a single disgruntled employee can destroy valued data. Be paranoid; it’s a case of when, not if!

Let’s dig deeper into the security challenges of cloud storage and ways you can protect data stored in the cloud.

(Image: Kjpargeter/Shutterstock)



Source link

7 Myths About How the Internet Works


The internet is a vast and complicated set of interconnected networks, tying internet service providers, cloud service providers and enterprises together. While the cloud is an exciting new technology that is changing the way the world watches videos, hails taxis, uses money, and shares pictures, it’s not clear how these service providers work together in the background to create the value we all enjoy.

Cloud computing enables companies to create real-time transactions and collaborate to produce applications that are valuable for the real world. However, while cloud computing sounds like it is the same thing as the internet, it’s actually a metaphor. Cloud computing uses the internet and obscures the interconnecting infrastructure, platforms, and applications to make transactions seamless, immediate, and convenient for the entire interconnected world. 

Thanks to this obfuscation, there is a great deal of historical fact and fiction about the origins of the internet, networking, computing, and the interlocking pieces that’s melded together to produce myths about how the internet actually works. Let’s take a look at some of these internet myths on the following pages.

(Image: nednapa/Shutterstock)

Jim Poole is the Vice President for Global Ecosystem Development at Equinix. His mission is to explore new and emerging digital ecosystems with a focus on how interconnection can be used to strategic advantage by Equinix customers. Prior to his current role, Jim served as the Vice President for Global Service Provider Marketing, where he was responsible for vertical strategy, messaging and sales activation. Jim has an over 20-year background in the ICT industry. He has held executive level positions at Roundbox, Savvis, C&W Americas, dynamicsoft and UUNET.



Source link