Cloud computing security experts weigh their options
IT professionals engaged in cloud computing are beginning to realize that they have a wealth of security options at their fingertips, it's just a matter of choosing the appropriate solution. It's not necessarily about selecting the appropriate computer security program, as PCs, laptops and now mobile devices are all connecting to public cloud servers in order to access information. Such an operation can make the world of cyber crime quite intimidating, as data center firewalls prove obsolete in the face of the modern hacker.
Finding the best defense
Though the phrase "the best defense is a good offense" may apply to team sports, that isn't necessarily the case for professionals in charge of protecting cloud servers. Actively moving against cybercriminals is like poking an anxious bull with a cattle prod; it could potentially expose a network to a sophisticated, financially crippling database attack. Creating a sturdy system is about assigning the appropriate resources to the necessary problem areas so that invasions can be detected without error.
CIO reported that server protection experts from monetary services companies Citi and AIG, as well as a professional working for the United States Federal Bureau of Investigation, assembled at Pace University in New York in order to find a solution to the security conundrum. Robert Zandoli, senior vice president in the global chief information security office of AIG, claimed that prioritizing threats is the organization's biggest challenge. If a company receives billions of alerts from surveillance tools, how is it supposed to decide which ones to address?
That didn't prevent Zandoli from expressing optimism though. During the panel, he noted that although a cloud infrastructure may appear vulnerable, the communicative flexibility of the solution can be of great assistance to new, automated anti-intrusion software. In a sense, these programs travel through the architecture 24/7, capable of identifying and patching threats before they occur.
Diving into the 'lake'
Other experts have considered venturing into more innovative, unorthodox security approaches. According to CSO Online contributor David Geer, IT services providers are constructing a web of big data platforms that enable users to inject any kind of information they wish while securing access to individual elements of the digital intelligence inside of the architecture. Peter Guerra, a network security professional, noted that the system abandons the traditional, holistic defense approach by treating each asset as equally important to each other.
"We like to bring all the data into the data lake in its rawest format," said Guerra, as quoted by the news source. "We don't do any extraction or transformation of data ahead of time,"
This process tags each data point with an identity access management code, which uses extensible access control markup language (XACML) that essentially tells the IAM how to treat the information in the event someone attempts to access it. The end result produces a protocol in which the big data environment can match the intelligence as it applies to the XACML rules. Though a complex procedure, it has so far proven effective in protecting digital knowledge located in cloud storage.
- Welcome to GoGrid!
- I'm a Cloud Infrastructure and Big Data Solutions expert.
- What questions do you have today?