Cool Solutions

Keeping the Cloud Secure – Methods for Service Providers


November 17, 2010 5:15 pm





The cloud. It’s where an increasing number of organizations are keeping their data, or where they’re actually doing business. Keeping the landscape secure has always been important, but in an age of increased compliance reporting it’s even more vital.

Add to that a growing number of firms that offer software as a service and maintain valuable data and access to that data for their clients via the cloud, and you’ve got a recipe that requires robust security, ease of connectivity and the best in access management functionality.

The difficulty comes in determining what ingredients comprise the best cloud security service. And by best we mean the cloud security product that allows multi tenancy, options for compliance reporting, an easy-to-use interface, and a seamless integration with existing infrastructure.

There are two distinct customer segments focused on cloud security as a service. Enterprise customers who are embracing the cloud for various reasons – business agility, lower costs or a combination of both. And cloud providers – software as a service or ISVs and MSPs/IaaS who are providing cloud services.

To make things more challenging, businesses can’t have a different security model or different compliance criteria for the cloud and for their internal enterprise. They want to ideally be able to extend their internal roles, policies and workflows seamlessly to the cloud.

Therefore, the state of security today for a lot of enterprises is broken. Vendors need to provide a complete set of cloud security solutions that ensure customer’s identities and information are protected in the cloud. The solutions that they have inside the firewall don’t extend to the cloud and the solutions that work well in the cloud are not integrated with the solutions inside the firewall. This is leading to disparate tools, disparate policies and additional overhead if a company wants to implement cloud solutions.

Finally, the number one objection for customers desiring to move to the cloud is security.

PricewaterhouseCoopers categorizes cloud risks into multiple areas –

  • Access (control and monitor access to sensitive data and roles)
  • Business continuity planning (address providers business continuity and disaster plans)
  • Compliance (maintain compliance and regulatory requirements)
  • Data Protection (Protect and maintain data segregation)
  • Events (manage incident response and investigations)
  • Change and configuration management (change & configure business rules, users & data)

With this in mind, providers need to create and market a complete set of solutions that they can use to protect their customers identity and information in the cloud – either as a basic service or as a more premium service. In all cases these solutions have to support the cloud model and be scalable, support shared infrastructure and support consumption based billing.

In a best-case scenario, a cloud security service would work with any IDM provider and/or product. It would offer the enterprise the option to leverage the tool through an integrated console without signing on to buy the entire service package. And the service would have compatibility built-in so it would work out of the box with Amazon, Rackspace and public-cloud providers.

Perhaps the most difficult facet – for compliance and technology reasons – is multi tenancy. But eliminating the need to have separate physical secure servers to house data is extremely attractive. By crossing this hurdle, software as a service providers save money because of fewer physical servers and they’re still able to give clients efficient access to data.

Essentially, the goal when delivering software as a service is to have a consistent framework for managing identities across physical, virtual and cloud deployments. Vendors demand these functions, their clients demand tools/services that provide access and ease-of-use, and myriad agencies require solutions that answer compliance reporting versatility.

By extending their identity infrastructure to the public cloud, enterprises get speed and safety. Changes made to users’ permissions or access are instantly replicated-ensuring consistent identity management regardless of where computing is occurring.

“Security is the biggest hindrance to cloud adoption that service providers offering cloud services need to overcome,” said Antonio Piraino, Vice President of Research, Tier 1 Research at Novell. “The ability to provide interoperable security solutions for and between an enterprise’s internal infrastructure and the cloud provider’s platform will alleviate the biggest assurance, vulnerability and SLA concerns enterprises have today.”

As cloud computing vendors that offer software-, platform-, or infrastructure-as-a-service seek to differentiate themselves in the marketplace, value-added services like customized security become increasingly important. So do multi-tenant identity and access management solutions that provide just-in-time provisioning, authentication, authorization and support for compliance.

For cloud service providers who want to deliver a secure, compliant computing environment for their customers, this is the challenge. And the firms that are able to answer this need will be well-positioned to assist the growing number of enterprise clients who see the cloud as the next – and best – frontier for housing and providing access to data.

Learn more about the cloud, and how companies are developing their position by providing software as a service solutions by relying on the power of the cloud.

0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.

Tags: , , ,
Categories: Expert Views, PR Blog


Disclaimer: This content is not supported by Micro Focus. It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test it thoroughly before using it in a production environment.