Saturday 22 August 2020

Why a public cloud is safer than private ones

You think that a public cloud is inherently dangerous, and that the only way to achieve a level of security in the cloud that meets the rigorous requirements of your organization is to implement your own private cloud. Do you think this is a correct statement? Unfortunately, there is very little that is rational about it.

In fact, serious software and hardware vendors are largely responsible for the canard "The public cloud is dangerous!", spreading fear, uncertainty and doubt (FUD) in the market. Building private clouds requires the purchase of many devices and applications. The last thing vendors want is for their customers to move to the public cloud, if they are real vendors. Don't be fooled.

Public clouds are generally more secure than private clouds for a number of reasons. Here is why.

Why public clouds are more secure: support skills

Public clouds are more "hardened" against hacking - hackers know where to find the most "tasty" things: inside the public cloud, of course, where the information of many clients is stored. If they could break through the "defenses" of the public cloud, they would get a lot. As a result, large cloud services such as Amazon Web Services, Microsoft Azure and others have been tempered for many years by an incredible number of hacking attempts.

Attracting the best security experts - public cloud providers attract not only hackers, but also talent. If you are a top cloud security expert, where would you like to work: Amazon? An insurance company? Some manufacturer or government agency? The answer is clear. :)

Use of the latest developments in security - public cloud providers are constantly building new cloud data centers and purchasing equipment and modern software, which pays off very quickly due to scale. You do not need to know how their principle of "to the fullest" and "incredibly fast" is implemented. New developments. In full. Incredibly fast.

Why private clouds are less secure:

Complacency - It's amazing how many businesses think their DMZ and firewalls can give them proper security. If we are talking about an internal, local network, they probably do provide security. But is everything on the Internet under control? What about email? Not to mention viruses. And what about employees uploading malware to the corporate network via their phones twenty times over? Nowadays the enterprise wants a private cloud, believing that everything it used for the internal network can be crammed into its cloud and keep it secure. Good luck to them with that!

Note: a DMZ (demilitarized zone) is a technology for protecting the information perimeter in which servers that respond to requests from an external network are placed in a special network segment (called the DMZ) and have their access to the main network segments restricted by a firewall, in order to minimize the damage if one of the publicly available services located in the DMZ is hacked (from Wikipedia).

Implicit Competence of Employees - Of course, your organization has many security people. They all know their stuff. Try this: Throw a big party for them. Look around for two hours. See that guy with the lampshade on his head? Ah, he is responsible for the security of your private cloud. :)

Not enough penetration tests - how do you verify that the private cloud or any other part of the IT infrastructure is secure? Very simple: your testers run a series of security tests. Or are you hiring a third party to run them for you? If all tests pass, you are safe, right? Perhaps for a few minutes, until hackers apply new attacks that beat your security tests. Oops.

Outdated devices / apps in use - you've spent hundreds of thousands of dollars on hardware security. In 2009. You are now in a private cloud. Try this: Ask the SPI for hundreds of thousands of dollars to replace these three-year-old devices. The answer? Maybe next year. Try updating your patches. Perhaps you will succeed. But don't hesitate to compare your achievements with the shiny things that are assembled and updated in public clouds every day.

This article is by ZapThink, a consulting, training and leadership company providing service-oriented architecture and cloud computing for private and public enterprises.
