On the surface, this finding seems hard to believe. Cloud computing has developed something of a bad reputation for security. Moving beyond local security into public cloud space, private cloud or hybrid cloud architecture stretches the capabilities of traditional security tools. New security holes and blind spots are created that were not there before.
However, a recent Information Week article reinforces the findings in the IDC paper. The article points out that cloud security tools are rapidly developing and are reaching a point where cloud security tools will outmatch any type of non-cloud security architecture.
What seems like a weakness in cloud security may in fact turn out to be a strength. Cloud services absorb vast amounts of data. The sheer global volume of a large-scale cloud like AWS, is part of the solution for improved security.
- The data are dispersed in data centers all over the world. This enables the systems to pull in all kinds of security intelligence as data flows in and out of the cloud. The intelligence gained in the passage of data can be used to track security threats and stop them more quickly.
- Because the cloud becomes a central entry-point, it has become the ideal location for securing communication and a single point of management for encryption keys.
- As cloud security evolves alongside software technology, IT security administrators have the ability to create software overlays that make security more streamlined and easier to manage.
For years, cloud computing progressed faster than cloud security could protect it. However, starting in 2015, the looks to be closing. The growth of large-scale public clouds takes the lion's share (2/3rds) of cloud infrastructure investment. This increasing investment translates to increased security potential.
The kind of research exemplifying the growing power of cloud security is the new development by University of Texas computer scientists. Called the "Space Travel" technique, this system will automatically allow one computer in a virtual cloud network to monitor another for intrusions, viruses or anything else that could cause a computer to malfunction.
Dr. Zhiqiang Lin and his team dubbed this technique "space travel" because it sends data to a world outside its home, bridging the gap between computer hardware and software systems. It uses existing code to gather information in a computer's memory and automatically transfer it to a secure virtual machine that is isolated and protected from outside interference. According to Lin,
You have an exact copy of the operating system of the computer inside the secure virtual machine that a hacker can't compromise. Using this machine, then, the user or antivirus software can understand what's happening with the space traveled computer setting off red flags if there is any intrusion.
New developments in Searchable Strong Encryption (SSE) allows businesses to parse their data without compromising on security. The CipherCloud encryption gateway, deployed in a user's datacenter, encrypts data in real-time as it flows into the cloud. SSE then puts a search index on the encryption so it can be searched securely. If a particular user has the right level of authentication, he or she can securely access a specific piece of data from the cloud.
In the last few years, the larger global cloud infrastructure has reached what amounts to an organic critical mass. There is sufficient capacity for the system to divide itself into autonomous virtual entities that can monitor its own internal workings. Techniques that grow out of years of experience with encryption have embodied themselves into the structure of the cloud. Most of this technology can not be duplicated on the scale of an in-house data center.
If you'd like to learn more about how ZenQMS uses the cloud to offer you a validated, secure Quality management system, just request a Demo below.