Wednesday 31 October 2012

Security and Automation in the Cloud

Security and Automation in the Cloud

One of the biggest concerns IT managers have about moving business-critical applications into the cloud and away from the data center is the issue of security. What you may not realize, however, is that the same tools for automation and provisioning that function in cloud implementations also offer a significant opportunity to improve security.

Public vs. private clouds

The first concern, of course, is whether the cloud in question is private or public. If you’re using a public cloud provider such as Amazon Web Services, you know you’re looking at Level 1 PCI DSS compliance. If you’re running a cloud solution in-house, however, you need to make sure you’re handling all of that security via firewalls and network and storage management.

Public cloud solutions also require different security and automation models. You need to give more heed to firewalls, NAT, load balancers, and other related issues. This doesn’t mean public cloud solutions aren’t worth it, of course. They still provide increased efficiency, scalability, and even security.

Benefits of making provisioning automated

Cloud solutions that automate server configuration during the provisioning process improve security in cloud environments. You might have literally thousands of VMs, each of which would require individual setup and maintenance without automated provisioning. Automated provisioning reduces your costs, increases your agility, and creates a standardized environment that is less vulnerable to security issues than non-automated environments.

Virtualized, embedded security

The nature of a virtual machine is such that every security measure you place at the virtual server are naturally replicated. That means that, as you expand your use of a private cloud solution, you have the ability to automatically embed security measures with each new VM as it is created.

Management is the key here. If this aspect isn’t handled correctly, you can create a wide array of variant server images, each with different security measures in place. This creates something of a security nightmare.

Making use of automation in cloud solutions in order to make certain your servers are in compliance with all necessary security measures should be one of the key tasks your cloud computing staffs deals with on a regular basis.

No comments:

Post a Comment