CloudSecurityWorkspace

New Types Of Cloud Need New Types Of Security

Editor of eWEEK and repository of knowledge on storage, amongst other things

Follow on: Google +

As private and public clouds begin to interact and new types of cloud emerge, the security market is expected to grow with it, says Chris Preimesberger

Reliable user authentication in deployment of a cloud service is of utmost importance. Even though a cloud service to which you subscribe may have two-factor or higher levels of secure authentication, certain protocols must be observed and rules must be followed to enter each session. Frequent changing of passwords is required, and those passwords often must be long and complicated.

However, in this day of increasingly sophisticated hacking practices, conventional online authentication for access to these systems and services is often not enough – especially for systems moving highly sensitive data, such as in the government, military, financial and retail sectors.

Multiple types of clouds to secure

As cloud services gain more traction at all levels of IT – and that includes high-level enterprises down to single users at home—providers are coming up with new ways to keep everything tight.

Another factor in cloud computing security is coming to the fore as more of these service systems come online. Private clouds are now interacting with public cloud services and each other – especially in large enterprises with numerous partners, affiliates and contractors in the production chain. These multiple cloud formations require a whole new perspective on security.

CloudPassage, a three-year-old San Francisco-based startup founded by CEO and long-time RSA Security veteran Carson Sweet, is taking a leadership role in this area. Sweet describes CloudPassage’s Halo Netsec service, which launched 31 January, as the industry’s “first and only server and compliance service that specifically provides multiple-level security for elastic cloud servers.”

Halo Netsec features a firewall, two-factor authentication and intrusion-detection capabilities through a cloud service. Literally, this is a “secured security” service.

At this early point, Halo Netsec stands alone in securing cloud services because it enables administrators to build a perimeter defence without having to worry about the physical network. It secures everything from the endpoint to the virtual server, even if some or all of that traffic is passing over a public Internet – or from cloud to cloud.

This is of huge importance to IT administrators, especially when managing cloud services, because those administrators have no control or management capabilities for the public portion of cloud communications.