Getting on the Cloud with Caution
Fifty one years after the release of the very popular Rolling Stones song, the words, “get off my cloud” are taking on a completely new meaning. While Mick Jagger might have been pleading for some peace and quiet and to just be left alone, today’s pleading is for unauthorized hackers to stay away from confidential and proprietary information stored in a very publicly accessible place.
Why would a company place their information that is the heart of their business in the hands of a stranger in a strange land. On the surface, that sounds ludicrous. However, there are a few very good reasons that companies are moving their IT infrastructure to the cloud.
The CapEx and OpEx of an in house IT system is a very large investment. When companies decide where to place their scarce investment dollars, it is becoming increasing popular to place those dollars in “line of business” investments that will provide profits rather than support infrastructure. This is particularly relevant for small and medium sized businesses. However, even for larger business, the trend is to focus the IT staff on special high value projects rather than day to day infrastructure and operations. Relying on cloud infrastructure also simplifies growth and technology upgrades. Thus, we see the continued growth of cloud computing.
Along with the rapid growth of cloud based infrastructures comes double digit growth of cloud infrastructure monitoring. Continuous monitoring is important for a variety of reasons including basic network traffic analysis and resource planning, receiving alarms of outages, bottlenecks or unanticipated heavy traffic periods. Monitoring, of course, is also a critical initial component for network security and protection against crippling malware.
According to a Ponemon Institute report, The 2016 Global Cloud Data Security Study, companies are not doing a very good job of securing the confidential information stored in the cloud. Respondents included IT professionals from around the world. Over half believed that their companies did not employ a proactive approach to compliance with privacy and data security regulations in a cloud environment. Most of the respondents (56%) also believed that their companies were not as careful with private customer information stored in the cloud.
Some general recommendations noted in the report are for companies to make broader use of encryption when data is stored in the cloud. Further, comprehensive policies should be developed that govern what information should and should not be stored in the cloud. Finally, continuous monitoring and security measures should be implemented by the company and the cloud service provider.
Cloud providers are offering enterprise monitoring services in IaaS environments with a goal of allowing more management control to the client company. EarthLink, for example, offers a server monitoring and management service as well as a network monitoring and management service for cloud customers.
Comprehensive monitoring services require access and visibility to data flows in a network. In order to establish a monitoring program that includes network analysis, application performance and acceleration, intrusion prevention, data loss protection, encryption/decryption offloading and other specialized services, numerous appliances may be required. Packet Brokers like the SmartNA-X from Network Critical help enterprise networks and cloud service providers manage the panoply of appliances that are required for robust monitoring.
Packet Brokers provide the physical access ports required to connect monitoring appliances but that is only the beginning. Intelligent features like filtering and port mapping allow the right information to get to the right appliance and nothing more. Access ports are protected from unauthorized access and fail-over features help maintain network operation when appliances lose power or are out of service.
In 2016, The Rolling Stones might now be singing, “Hey You, Get On My Cloud,” but only if they have complete monitoring services and good security. For more information about Packet Brokers and cloud monitoring, contact Network Critical