Welcome!

Containers Expo Blog Authors: Liz McMillan, Zakia Bouachraoui, Roger Strukhoff, TJ Randall, Pat Romanski

Related Topics: Microservices Expo, Containers Expo Blog, @CloudExpo

Microservices Expo: Article

Cloud Storage and Security Not a New Concept

Everybody Talks About It, But Is It Really All That Different?

Articles and blog posts associated with security and cloud computing are a daily occurrence, unless some well-publicized breach occurs in the cloud.  At that point the number of commentaries and discussions will increase exponentially, and then, over the following week, return to normal frequency. 

I decided to focus on security as it relates to cloud storage, to see if something really new and different is occurring, and if overall changes need to be contemplated, as it comes to classic data security activities.  When I focused in this way, I quickly discovered that not much has changed, and security of data in the cloud is highly dependent on the same precautions and understandings as security of your data in a private data center.

In this recent article, it was suggested that files of one owner residing on a physical device with the files of others could somehow result in unauthorized access. It could, and the answer to this and a myriad of concerns fits within traditional approaches and understandings of security.  

For example, Mezeo encrypts all files prior to storage.  So, even if you somehow got access to another's file, it would do you no good.  My point is that the cloud introduces a few additional complications, but it is not a problem that the current level of speculation seems to portray it as.  An extension to typical security practices, diligence, effective execution and audit of your current practices is what is required.

With this underlying theme, we look at how best we can ensure the security of the data in the cloud. Let's look at five areas that you should consider in regards to storing data in the cloud.

1. Physical Security: First, understand some things about the data center that is hosting the cloud where your data is stored:

  • Is the data center physically secure? 
  • What about it's ability to withstand power outages? 
  • For how long? 
  • Are there multiple, independent (on different grids) electrical power paths? 
  • How are communications facilities enabled and where does the fiber enter the facility?
  • How many communications providers have a POP (point of presence) at the facility? 
  • How is the data center certified (SAS 70 Type II)?

World class data centers are expensive, and they are also well understood.  What is the tier rating of the data center? (Tier IV is best). Make sure you do business with a cloud storage service provider who makes use of such facilities.

2. Data encryption:
Encryption is a key technology for data security.  Understand data in motion and data at rest encryption.  Remember, security can range from simple (easy to manage, low cost and quite frankly, not very secure) all the way to highly secure (very complex, expensive to manage, and quite limiting in terms of access).  You and the provider of your Cloud Storage solution have many decisions and options to consider.  For example, do the Web services APIs that you use to access the cloud, either programmatically, or with clients written to those APIs, provide SSL encryption for access, this is generally considered to be a standard.  Once the object arrives at the cloud, it is decrypted, and stored.  Is there an option to encrypt it prior to storing?  Do you want to worry about encryption before you upload the file for cloud storage or do you prefer that the cloud storage service  automatically do it for you? These are options, understand your cloud storage solution and make your decisions based on desired levels of security.

3. Access Controls: Authentication and identity management is more important than ever.  And, it is not really all that different.  What level of enforcement of password strength and change frequency does the service provider invoke? What is the recovery methodology for password and account name?  How are passwords delivered to users upon a change?  What about logs and the ability to audit access?  This is not all that different from how you secure your internal systems and data, and it works the same way, if you use strong passwords, changed frequently, with typical IT security processes, you will protect that element of access.

In addition, you'll need to examine:

4. Service Level Agreements (SLA): What kind of service commitment is your provider willing to offer you?

and, finally, there's the notion of

5. The Trusted Service Provider.

For more details and analysis on these last two areas, visit my Cloud Storage Strategy blog.

More Stories By Steve Lesem

Steve Lesem is President/CEO of Mezeo Software. Previously, He was Senior Vice President and Chief Marketing Officer of the managed hosting provider VeriCenter. He has also served in leadership positions at SafeNet, BMC Software and IBM. Steve holds a Bachelor of Science from the University of Texas at Austin. He is the primary author of the Cloud Storage Strategy Blog (www.cloudstoragestrategy.com), which frequently sees posts picked up by publications in the IT services and Web hosting spaces.

IoT & Smart Cities Stories
IT professionals are also embracing the reality of Serverless architectures, which are critical to developing and operating real-time applications and services. Serverless is particularly important as enterprises of all sizes develop and deploy Internet of Things (IoT) initiatives. Serverless and Kubernetes are great examples of continuous, rapid pace of change in enterprise IT. They also raise a number of critical issues and questions about employee training, development processes, and opera...
This month @nodexl announced that ServerlessSUMMIT & DevOpsSUMMIT own the world's top three most influential Kubernetes domains which are more influential than LinkedIn, Twitter, YouTube, Medium, Infoworld and Microsoft combined. NodeXL is a template for Microsoft® Excel® (2007, 2010, 2013 and 2016) on Windows (XP, Vista, 7, 8, 10) that lets you enter a network edge list into a workbook, click a button, see a network graph, and get a detailed summary report, all in the familiar environment of...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
AI and machine learning disruption for Enterprises started happening in the areas such as IT operations management (ITOPs) and Cloud management and SaaS apps. In 2019 CIOs will see disruptive solutions for Cloud & Devops, AI/ML driven IT Ops and Cloud Ops. Customers want AI-driven multi-cloud operations for monitoring, detection, prevention of disruptions. Disruptions cause revenue loss, unhappy users, impacts brand reputation etc.
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
Atmosera delivers modern cloud services that maximize the advantages of cloud-based infrastructures. Offering private, hybrid, and public cloud solutions, Atmosera works closely with customers to engineer, deploy, and operate cloud architectures with advanced services that deliver strategic business outcomes. Atmosera's expertise simplifies the process of cloud transformation and our 20+ years of experience managing complex IT environments provides our customers with the confidence and trust tha...
The Japan External Trade Organization (JETRO) is a non-profit organization that provides business support services to companies expanding to Japan. With the support of JETRO's dedicated staff, clients can incorporate their business; receive visa, immigration, and HR support; find dedicated office space; identify local government subsidies; get tailored market studies; and more.
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
As you know, enterprise IT conversation over the past year have often centered upon the open-source Kubernetes container orchestration system. In fact, Kubernetes has emerged as the key technology -- and even primary platform -- of cloud migrations for a wide variety of organizations. Kubernetes is critical to forward-looking enterprises that continue to push their IT infrastructures toward maximum functionality, scalability, and flexibility. As they do so, IT professionals are also embr...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...