Closing the Gap Between Security and the Cloud

Author: John Hawkins, Senior Director of Services, RiverMeadow Software

The cloud is a major presence in technology news and a trending topic that seems to pop up everywhere these days. The cloud certainly has the potential to transform computing across the spectrum, from individuals to SMBs to multinational corporations, and is rapidly becoming an essential part of the way companies do business.

One thing we know for sure is that while the cloud is growing at a breakneck pace and it’s not without barriers to entry. Security concerns, and a lack of secure solutions, could easily put a damper on cloud growth. In a report published by KPMG, survey data relates that 48 percent of enterprise leaders are concerned about general loss of control in the move to the cloud, while 42 percent are concerned that there isn’t an optimal method for migrating corporate data and workloads to the cloud. In fact, 42 percent related that moving existing infrastructure is too complex. Finally, 39 percent have concerns related to the loss of data and privacy.

These data points clearly indicate a common fear amongst leadership: by going to cloud, businesses are worried about losing corporate intellectual property and wasting resources. It isn’t a great leap to hypothesize that the lack of investment in cloud security innovation could be hindering the growth of cloud adoption. From the executive’s perspective, the value proposition of moving to the cloud isn’t always clear. If risk factors are deemed too significant, the potential benefits of cloud adoption become a moot point, however enticing they may be.

Tackling the Migration of Workloads to the Cloud

Disparities between the desired state of the cloud and the enterprise class cloud services that are currently available from service providers come to be viewed as flaws in the technology. Adoption slows as IT decision-makers wait for integrated and complete solutions they can trust. For example, one major component still not universally available is automated migration of workloads to cloud. Commonly referred to as cloud onboarding, it is the process of moving a workload from one cloud provider to another. Most providers are still onboarding customer workloads using manual methods that are extremely expensive and labor-intensive; it can cost thousands of dollars to move a single workload.

Today, there are a few companies tackling the challenge of streamlining the migration of workloads to the cloud. These are SaaS-based solutions that automate the core processes of cloud migration. Until recently, these SaaS solutions required the workload to be extracted from the source environment and moved into the control plane environment in order to execute the conversion process. Unfortunately, with this approach, all workloads would have to traverse the public Internet in order to be converted and deployed into the target cloud—creating a significant vulnerability. In hybrid cloud models, workloads frequently move between private and public clouds; clearly, a secure methodology is critical.

Besides the obvious risk involved in moving any data across the public Internet, compliance requirements and legal standards play a significant role in cloud security concerns. When migrating workloads to the cloud, there are a variety of acts and policies that need to be considered and adhered to with regards to data security. For instance, the Health Insurance Portability and Accountability Act (HIPAA) stipulates that all sensitive patient information must be kept private and that specific steps must be taken to ensure data security at all times. Likewise, Electronic Medical Record compliance mandates that cloud servers require proper authentication to access medical data.

Closing the Cloud Migration Security Gap

Unique SaaS-based solutions are emerging that will close the cloud migration security gap. In this approach, a source modeler (cloud appliance) is deployed into the target private or public cloud. Leveraging an existing direct connection between the source and target cloud environments, the workload attributes are collected and sent to the SaaS control plane. Based on the attributes, a set of virtual machines (VMs) equal to the source are created and deployed to the target cloud datacenter. The workload data is then collected directly from the source, overlaid onto the target VMs, booted and deployed into the cloud. By moving data within the trusted network connection, the need to leverage the public Internet to transfer server data is completely avoided. Such an approach mitigates security concerns associated with migrating workloads from a source datacenter into public and private clouds, as well as issues associated with data sovereignty, which, in and of itself, represents another gap in cloud technology. In addition to maintaining a high level of security throughout the migration process, this approach increases the speed with which workloads can be moved. It is no longer necessary to open tickets with network administrators to edit WAN settings in order to access source servers. The control plane has enough information to identify bottlenecks and trouble spots in the migration process, further streamlining the process and ensuring a higher global quality of service.

Read more: Dispelling Common Myths Surrounding UTM

Bridging the Technology Gap

Innovations in cloud migration security will be a boon to enterprises eager to begin migrating workloads from a source datacenter into private or trusted private clouds, but concerned about security and compliance issues. Faster, automated, and secure migration solutions will accelerate the growth of the private cloud market by enhancing efficiency and building confidence in a fairly new and often complex process. Bridging technology gaps paves the way for increased cost savings, enterprise agility, and further innovation.

This article is brought to you by Enex TestLab, content directors for CSO Australia.

Join the CSO newsletter!

Error: Please check your email address.

Tags RiverMeadow SoftwareSaaSsecurityCloudsoftware securityMigration Security GapSMBsdata pointsCSO Australiasecurity concernsEnex TestLab

More about CSOEnex TestLabKPMGTechnology

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John Hawkins

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place