Skip to main content
  1. Home
  2. Computing

Cloud Computing Could Pose Serious Security Issues

By
cloud-computing-oracle
Image used with permission by copyright holder

(Editor’s note: This is the second part of a two-part series on addressing security risk on cloud computing. Click here for the first part.)

A few years ago, Google Enterprise president Dave Girouard had his laptop stolen from the trunk of his car at a San Francisco Giants game.

Recommended Videos

But if the thief was looking for information, he would have been disappointed. “There was nothing on that laptop,” he says through a spokesman. “Everything was stored remotely — there was no loss of data, and no loss of productivity.”

Girouard’s story highlights the potential of cloud computing, which experts acknowledge is still in its infancy. And Google’s Eran Feigenbaum advises consumers to “carefully consider to whom they entrust their data, be it on-premise or in the cloud.” But he says that Google is taking steps to ensure the data in their cloud is secure.

“Google has a full-time security team, and we employ some of the top security experts in the world,” Feigenbaum says. “Our operations work at a large scale, allowing our security teams to detect, act upon and resolve a wider variety of security threats than one single company would ever face – sometimes even before the threat is discovered by the antivirus companies.”

“With a traditional software vulnerability, a patch is released and companies typically take 30-60 days to deploy it,” Feigenbaum adds. “During that time, they remain vulnerable. With cloud computing, companies don’t need to patch their own servers. We designed our servers with security in mind from the start, and we can patch them quickly to help ensure our customers are safe.”

Christofer Hoff, director of Cloud and Virtualization Solutions at Cisco Systems, says he understands security concerns from both the business and consumer angles. But he also says the security issues are complex and they will be ironed out, in time.

“For the cloud service provider, there are questions of hardware, facilities, infrastructure, ability to build applications and software. Each of these has trade-offs,” Hoff says. “The business side is still maturing in this market.”

“For the consumer, it comes down to two things: trust and control,” Hoff says. “Cloud computing is about gracefully giving up control while trusting that a provider will exercise the appropriate due diligence and care of your information. The issue of giving up control is an emotional response – in many cases it’s a response formed around the opinion that a provider cannot do as good a job protecting one’s assets. We have to balance between control issues and making sure we have adequate visibility and transparency so that people can trust that the information is safe with these service providers.”

Hoff says these are some of the issues that will be addressed:

  • Privacy standards. “The challenge comes in the way in which these services are delivered,” Hoff says. “Privacy concerns in cloud are not that different from non-cloud service offerings although they are exasperated – because in a single-tenant, non-cloud environment you generally know where information is and how it’s being kept. With lots of different customers, that isolation of that data is appropriately maintained.”
  • Massive amounts of multi-tenancy and massive amounts of scale. “Providers have to manage service and isolation of potentially millions of customers and this presents a challenge as we see infrastructure and applications scale to address consumption at this level,” Hoff says.
  • “You have to take a holistic view (on confidentiality and privacy) and what the policies and service levels are,” Hoff says. “The standards I was talking about were less about regulations and more about open API and interfaces between cloud providers so that you have a choice of providers.”
  • There are 18 different organizations and standard bodies that are coming up with cloud standards and APIs. “That should settle down over time as a normal function of market dynamics and customer demand, but it’s very confusing and difficult at times to determine where to place your bets,” Hoff says.


Cloud Computing as an Operations Model

Amazon Web Services (AWS), which is also working on perfecting its cloud, has a white paper on how it secures its network. Companies that use AWS include ESPN, the New York Times Company and Pfizer, says spokesman Kay Kinton.

When asked about public vs. private clouds, Kinton says, “What we’ve seen dubbed a ‘private cloud’ is really just another form of virtualization and lacks the key benefits of the AWS cloud and Amazon VPC [Virtual Private Cloud]. Virtualization of an existing IT environment still means that you have to deal with the hassles of owning, managing, and operating the hardware – contract negotiations, facilities management, staffing.

“In addition, you still incur all the capital expenditure of owning all of your assets, instead of simply paying as you go,” Kinton adds. “Most important, these types of virtualized environments lack the key benefit of elasticity. With AWS not only can an application scale on demand but when the resources are no longer needed, an enterprise can release them and stop paying for them. It would be very hard for most enterprises to duplicate the scale and heterogeneity of use cases of AWS, and thus to simultaneously maintain high server utilization and the ability to scale up and down instantly.”

“It’s less about ‘what is the cloud?’ then ‘how can I use the cloud?’” Cisco’s Hoff says. “It’s still really early days in cloud computing. The technology is evolving but people are beginning to understand that the cloud is not a technology, it’s an operations model.”

Hoff also adds that Cisco is not looking to compete with companies like Google with its own cloud. Rather, its is focusing on enabling service providers with the infrastructure and solutions needed to deliver secure public cloud services as well as customers to build their own private clouds.

James Zipadelli is a Connecticut-based freelance journalist. He has written for CTNewsJunkie.com, Helium.com and several publications in Boston. You can find him on the Web at www.jameszipadelli.com or on Twitter @redsoxlive.

Editors' Recommendations

Ian Bell
Ian Bell
Publisher
I work with the best people in the world and get paid to play with gadgets. What's not to like?
Watch this BBC report about computer addicts … from 1983
A man using a computer in a BBC report from 1983.

1983: Meet the COMPUTER ADDICTS | Newsnight | Retro Tech | BBC Archive

The BBC has just shared another video from its archives, this one showing a report about computer addicts from way back in 1983, when computers were just starting to find their way into the workplace and home.

Read more
Adobe free trial: Try Creative Cloud for free
Close up of Adobe Photoshop app icon being chosen from among other Adobe apps on a laptop screen.

If you're working in a creative or design field, or even if you just enjoy a hobby like photo editing in your spare time, there's no way you haven't heard of Adobe. The company makes some of the most popular software out there for graphic design, video editing, and other visual arts, and it's an essential for many people working in graphics fields. The software is frequently updated with features like AI, plus performance improvements to speed up processor-intensive tasks.

But none of this comes cheaply. Adobe offers its software through a subscription based plan called Creative Cloud, and it's a pricey one. If you want to figure out if the software is worth it for your needs, you can try out a free trial of Creative Cloud.
Is there an Adobe free trial?

Read more
How Vision Pro tech could come to the Mac
The Mac Studio and Studio Display at Apple's Peek Performance event.

You're probably familiar with the Apple Vision Pro, which uses spatial computing technology to bring content alive in the world around you. Virtual reality headsets and 3D displays exist to make games and other content feel more immersive. Apple, however, wants to be the best of the best and is looking into bringing spatial computing experiences to computer monitors, presumably to run your Mac.

A patent for "Displays with Selective Pixel Brightness tuning" was published on April 4, showing the company's interest in the technology. Much of it involves using a lenticular display and a lenticular lens film so that a viewer can see what looks like three-dimensional images without wearing a headset.

Read more