4. Security In Cloud


CLOUD SECURITY CHALLENGES
Committing to a cloud computing provider can result in significant cost savings and more streamlined, flexible operations. However, trusting that provider to keep your data secure can be another matter entirely. Cloud computing opens up a new world of opportunities for businesses, but mixed in with these opportunities are numerous security challenges that need to be considered and addressed prior to committing to a cloud computing strategy. Cloud computing security challenges fall into three broad categories:
Data Protection: Securing your data both at rest and in transit
User Authentication: Limiting access to data and monitoring who accesses the data
Disaster and Data Breach: Contingency Planning

Data Protection
Implementing a cloud computing strategy means placing critical data in the hands of a third party, so ensuring the data remains secure both at rest (data residing on storage media) as well as when in transit is of paramount importance. Data needs to be encrypted at all times, with clearly defined roles when it comes to who will be managing the encryption keys. In most cases, the only way to truly ensure confidentiality of encrypted data that resides on a cloud provider's storage servers is for the client to own and manage the data encryption keys.
User Authentication
Data resting in the cloud needs to be accessible only by those authorized to do so, making it critical to both restrict and monitor who will be accessing the company's data through the cloud.  In order to ensure the integrity of user authentication, companies need to be able to view data access logs and audit trails to verify that only authorized users are accessing the data.  These access logs and audit trails additionally need to be secured and maintained for as long as the company needs or legal purposes require.  As with all cloud computing security challenges, it's the responsibility of the customer to ensure that the cloud provider has taken all necessary security measures to protect the customer's data and the access to that data.
Contingency Planning
With the cloud serving as a single centralized repository for a company's mission-critical data, the risks of having that data compromised due to a data breach or temporarily made unavailable due to a natural disaster are real concerns.  Much of the liability for the disruption of data in a cloud ultimately rests with the company whose mission-critical operations depend on that data, although liability can and should be negotiated in a contract with the services provider prior to commitment.  A comprehensive security assessment from a neutral third-party is strongly recommended as well.
Companies need to know how their data is being secured and what measures the service provider will be taking to ensure the integrity and availability of that data should the unexpected occur. Companies should also have contingency plans in place in the event their cloud provider fails or goes bankrupt. Can the data be easily retrieved and migrated to a new service provider or to a non-cloud strategy if this happens? And what happens to the data and the ability to access that data if the provider gets acquired by another company?
Cloud Computing Security Summary
While there are real benefits to using cloud computing, including some key security advantages, there are just as many if not more security challenges that prevent customers from committing to a cloud computing strategy. Ensuring that your data is securely protected both at rest and in transit, restricting and monitoring access to that data via user authentication and access logging, and adequately planning for the very real possibilities of compromised or inaccessible data due to data breaches or natural disasters are all key security challenges that a company must address when considering cloud computing providers.

INFRASTRUCTURE SECURITY
Now that we have some basic definitions sorted out, let’s focus on security in regard to Infrastructure as a Service or IaaS. Most admins will be most comfortable and familiar with IaaS because it’s very similar to what you’re already doing now in your datacenter. Most likely, you have already deployed some kind of server consolidation plan to reduce the physical server footprint in your datacenter and save on energy costs. After server consolidation, you might then get interested in an IaaS offering, whereby you can take advantage of cloud features such as self-service and automation to help your company ramp up resources for application deployment and development faster than ever before.
But before you do that, you’ll need to think about the security implications of IaaS. The security issues are a little different, depending on whether you use a public cloud or private cloud implementation of IaaS. With a private cloud, your organization will have total control over the solution from top to bottom. With IaaS in the public cloud, you control the virtual machines and the services running on the VMs you create, but you do not control the underlying compute, network and storage infrastructure. For both scenarios, you should consider the following security issues:
  • Data leakage protection and usage monitoring
  • Authentication and authorization
  • Incident response and forensics capabilities
  • Infrastructure hardening
  • End to end encryption
Data leakage protection and usage monitoring
Data stored in an IaaS infrastructure in both public and private clouds needs to be closely monitored. This is especially true when you’re deploying IaaS in a public cloud. You need to know who is accessing the information, how the information was accessed (from what type of device), the location from which it was accessed (source IP address), and what happened to that information after it was accessed (was it forwarded to another user or copied to another site?).
You can solve these problems by using modern Rights Management services and applying restrictions to all information that is considered business critical. Create policies for this information and then deploy those policies in a way that doesn’t require user intervention (don’t make it the user’s responsibility to decide which information is business critical and should be rights-protected). In addition, you should  create a transparent process that controls who can see that information and then create a “self-destruct” policy for sensitive information that does not need to live indefinitely outside of the confines of the corporate datacenter.
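The monitoring questions above (who, what type of device, which source IP, and what happened to the data afterwards) can be checked mechanically against access logs. The following is an added example, not part of the original notes; the log field names, the approved network, the device names and the internal domain are all constructed assumptions.

```python
import ipaddress
import json

# Constructed policy values, assumed for illustration only.
APPROVED_NETWORKS = [ipaddress.ip_network("203.0.113.0/24")]
MANAGED_DEVICES = {"corp-laptop", "corp-mobile"}
INTERNAL_DOMAIN = "example.com"

# Constructed access-log records (one JSON object per line); field names are hypothetical.
SAMPLE_LOG = """\
{"user": "alice", "device": "corp-laptop", "src_ip": "203.0.113.10", "object": "q3-forecast.xlsx", "action": "read", "dest": null}
{"user": "bob", "device": "personal-tablet", "src_ip": "198.51.100.7", "object": "q3-forecast.xlsx", "action": "read", "dest": null}
{"user": "alice", "device": "corp-laptop", "src_ip": "203.0.113.10", "object": "q3-forecast.xlsx", "action": "forward", "dest": "partner@example.net"}
{"user": "carol", "device": "corp-mobile", "src_ip": "203.0.113.44", "object": "payroll.csv", "action": "copy", "dest": "archive@example.com"}
"""

def audit(log_text):
    """Return (line_number, user, object, reasons) for every flagged event."""
    findings = []
    for n, line in enumerate(log_text.splitlines(), start=1):
        if not line.strip():
            continue
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            # A record that cannot be parsed is reported, never silently dropped.
            findings.append((n, None, None, ["unparsable record"]))
            continue
        reasons = []
        # How it was accessed: device types that are not managed are flagged.
        if ev["device"] not in MANAGED_DEVICES:
            reasons.append("unmanaged device")
        # Where it was accessed from: source IP outside the approved networks.
        ip = ipaddress.ip_address(ev["src_ip"])
        if not any(ip in net for net in APPROVED_NETWORKS):
            reasons.append("unapproved source network")
        # What happened afterwards: forwarded or copied outside the organisation.
        if ev["action"] in ("forward", "copy"):
            dest = ev.get("dest") or ""
            if not dest.endswith("@" + INTERNAL_DOMAIN):
                reasons.append("sent outside organisation")
        if reasons:
            findings.append((n, ev["user"], ev["object"], reasons))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(finding)
```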
Authentication and authorization
Of course, in order to have an effective Data Loss Prevention (DLP) solution, you have to have robust authentication and authorization methods in place. We can all agree that user name and password is not the most secure authentication mechanism. Consider two factor or multi-factor authentication for all information that needs to be restricted. In addition, consider tiering your access policies based on the level of trust you have for each identity provider for your IaaS cloud solutions. The level of authorization you enable from an identity provider such as Google Mail is going to be a lot lower than if the identity provider is your corporate Active Directory environment. Integrate this authorization tiering into your DLP solution.
End to end logging and reporting
The effective deployment of IaaS, both in the private and the public cloud, demands that you have comprehensive logging and reporting in place. As virtual machines are spun up automatically and moved between servers in an array dynamically over time, you never know where your information might live at any point in time (and this becomes even more interesting when we look at the issue of storage virtualization and dynamic migration). In order to keep track of where the information is, who accesses it, which machines are handling it, and which storage arrays are responsible for it, you need robust logging and reporting solutions.
The logging and reporting solutions are important for service management and optimization, and they will become even more important in the event of a security breach. Logging is critical for incident response and forensics – and the reports and findings after the incident are going to depend heavily on your logging infrastructure. Make sure that all compute, network, memory and storage activity is logged and that the logs are stored in multiple, secure locations with extremely limited access. Ensure that the principle of least privilege drives your log creation and management activities.
Infrastructure hardening
You need to make sure that your “golden image” virtual machines and VM templates are hardened and clean. This can be done with initial system hardening when you create the images, and you can also take advantage of technologies that enable you to update the images offline with the latest service and security updates. Make sure that you have a process in place to test the security of these master images on a regular basis to confirm that there has been no drift from your desired configuration, either due to malicious or non-malicious changes from the original configuration.
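One way to run the regular drift check described above is to record a manifest of the hardened image and compare later scans against it. This is an added example, not part of the original notes; it assumes the image's filesystem is mounted offline at a directory, and the temporary directory in the demo is a constructed stand-in for that mount.

```python
import hashlib
import os
import stat
import tempfile

def manifest(root):
    """Map each regular file under root (relative path) to (sha256, permission bits)."""
    result = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)
            if not stat.S_ISREG(st.st_mode):
                continue  # symlinks, devices and sockets are skipped in this example
            h = hashlib.sha256()
            with open(full, "rb") as f:
                for chunk in iter(lambda: f.read(65536), b""):
                    h.update(chunk)
            rel = os.path.relpath(full, root)
            result[rel] = (h.hexdigest(), stat.S_IMODE(st.st_mode))
    return result

def drift(baseline, current):
    """Compare two manifests and return sorted lists of added, removed and changed paths."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    changed = sorted(p for p in set(baseline) & set(current)
                     if baseline[p] != current[p])  # content or permissions differ
    return {"added": added, "removed": removed, "changed": changed}

if __name__ == "__main__":
    # Constructed stand-in for a mounted golden image (assumption, not a real image).
    with tempfile.TemporaryDirectory() as root:
        cfg = os.path.join(root, "sshd_config")
        with open(cfg, "w") as f:
            f.write("PermitRootLogin no\n")
        os.chmod(cfg, 0o600)
        baseline = manifest(root)  # taken right after hardening
        with open(cfg, "w") as f:
            f.write("PermitRootLogin yes\n")  # simulated configuration drift
        print(drift(baseline, manifest(root)))
```

Because the manifest records permission bits as well as content hashes, a file whose mode was loosened is reported as changed even when its content is identical.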
End to end encryption
IaaS, both in public and private clouds, needs to take advantage of encryption from end-to-end. Make sure that you use whole disk encryption, which ensures that all data on the disk, not just user data files, is encrypted. This also prevents offline attacks. In addition to whole disk encryption, make sure that all communications to host operating systems and virtual machines in the IaaS infrastructure are encrypted. This can be done over SSL/TLS or IPsec. This includes not only communications from management stations, but also communications between the virtual machines themselves (assuming that you allow communications between the virtual machines). Also, when available, deploy mechanisms such as homomorphic encryption to keep end-user communications safe and secure. This is a form of encryption that allows complex calculations to be performed on the data even though it is encrypted.

NETWORK SECURITY
Cloud computing places the burden of security on the provider, but doesn't relieve you of the responsibility for protecting personal and sensitive data. Therefore it becomes essential to conduct a thorough review of the provider's security to ensure good governance. This means inspecting their information security policy and procedures against proven standards, such as ISO 27001.
There are a number of security risks associated with cloud computing that must be adequately addressed:

● Loss of governance.
In a public cloud deployment, customers cede control to the cloud provider over a number of issues that may affect security. Yet cloud service agreements may not offer a commitment to resolve such issues on the part of the cloud provider, thus leaving gaps in security defenses.

● Responsibility ambiguity
Responsibility over aspects of security may be split between the provider and the customer, with the potential for vital parts of the defenses to be left unguarded if there is a failure to allocate responsibility clearly. This split is likely to vary depending on the cloud computing model used (e.g., IaaS vs. SaaS).

● Authentication and Authorization.
The fact that sensitive cloud resources are accessed from anywhere on the Internet heightens the need to establish with certainty the identity of a user, especially if users now include employees, contractors, partners and customers. Strong authentication and authorization become a critical concern.

● Isolation failure.
Multi-tenancy and shared resources are defining characteristics of public cloud computing. This risk category covers the failure of mechanisms separating the usage of storage, memory, routing and even reputation between tenants (e.g. so-called guest-hopping attacks).

● Compliance and legal risks.
The cloud customer’s investment in achieving certification (e.g., to demonstrate compliance with industry standards or regulatory requirements) may be lost if the cloud provider cannot provide evidence of their own compliance with the relevant requirements, or does not permit audits by the cloud customer. The customer must check that the cloud provider has appropriate certifications in place.

● Handling of security incidents
The detection, reporting and subsequent management of security breaches may be delegated to the cloud provider, but these incidents impact the customer. Notification rules need to be negotiated in the cloud service agreement so that customers are not caught unaware or informed with an unacceptable delay.

● Management interface vulnerability.
Interfaces to manage public cloud resources (such as self-provisioning) are usually accessible through the Internet. Since they allow access to larger sets of resources than traditional hosting providers, they pose an increased risk, especially when combined with remote access and web browser vulnerabilities.

● Application Protection.
Traditionally, applications have been protected with defense-in-depth security solutions based on a clear demarcation of physical and virtual resources, and on trusted zones. With the delegation of infrastructure security responsibility to the cloud provider, organizations need to rethink perimeter security at the network level, applying more controls at the user, application and data level. The same level of user access control and protection must be applied to workloads deployed in cloud services as to those running in traditional data centers. This requires creating and managing workload-centric policies as well as implementing centralized management across distributed workload instances.

● Data protection.
Here, the major concerns are exposure or release of sensitive data as well as the loss or unavailability of data. It may be difficult for the cloud service customer (in the role of data controller) to effectively check the data handling practices of the cloud provider. This problem is exacerbated in cases of multiple transfers of data (e.g., between federated cloud services or where a cloud provider uses subcontractors).

● Malicious behavior of insiders
Damage caused by the malicious actions of people working within an organization can be substantial, given the access and authorizations they enjoy. This is compounded in the cloud computing environment since such activity might occur within either or both the customer organization and the provider organization.

● Business failure of the provider
Such failures could render data and applications essential to the customer's business unavailable over an extended period.

● Service unavailability
This could be caused by hardware, software or communication network failures.

● Vendor lock-in
Dependency on proprietary services of a particular cloud service provider could lead to the customer being tied to that provider. The lack of portability of applications and data across providers poses a risk of data and service unavailability in case of a change in providers; therefore it is an important if sometimes overlooked aspect of security. Lack of interoperability of interfaces associated with cloud services similarly ties the customer to a particular provider and can make it difficult to switch to another provider.

● Insecure or incomplete data deletion.
The termination of a contract with a provider may not result in deletion of the customer’s data. Backup copies of data usually exist, and may be mixed on the same media with other customers’ data, making it impossible to selectively erase. The very advantage of multi-tenancy (the sharing of hardware resources) thus represents a higher risk to the customer than dedicated hardware.

● Visibility and Audit.
Some enterprise users are creating a “shadow IT” by procuring cloud services to build IT solutions without explicit organizational approval. Key challenges for the security team are to know about all uses of cloud services within the organization (what resources are being used, for what purpose, to what extent, and by whom), understand what laws, regulations and policies may apply to such uses, and regularly assess the security aspects of such uses.

CLOUD SECURITY ASSESSMENT
The critical questions that cloud customers should ask themselves and their cloud providers during each step of the security assessment are highlighted in Table .
Table : Cloud Security Assessment










