Big Security Improvement for Cloud Computing

By Tim Mather
August 28, 2009 | Comments: 1

As I've written about previously, there has been a great deal of hype about cloud computing. There has also been considerable angst about the security afforded by cloud computing. Most of that concern has focused on public clouds. (By definition, private clouds are viewed as inherently more secure than public clouds.)

But public versus private clouds is a binary option. What organizations really want is a hybrid solution. The real question is how to utilize a private cloud (or your existing data center infrastructure - with all of the security that has been built into it) with the flexibility of public cloud computing with its greatly reduced (or possibly even eliminated) CapEx (capital expenditure)? This is referred to as 'cloud bursting,' and is the ideal business model that most CIOs have been seeking in the short-term. The big problem to date, however, has been the significant concern of organizations about exposing their internal infrastructures to the less robust security of public clouds. The increased risk of such has been a strong dissuasion.

That changed this week though. Amazon Web Services (AWS) announced a virtual private cloud (VPC) offering. This VPC offering is a far more secure hybrid solution than the previous 'cloud bursting' model. Features of this VPC offering include the following capabilities:

• specify a VPC's private IP address range from any block a customer organization chooses
• divide a VPC's private IP address range into one or more subnets
• bridge together a VPC and an organization's IT infrastructure via an encrypted VPN
• route traffic between a VPC and the Internet over the VPN connection so that it can be
examined by an organization's existing security and networking assets before heading to
the public Internet
• extend an organization's existing security and management policies within its IT
infrastructure to its VPC as if those policies were running within the organization's

This VPC offering by Amazon Web Services really is a significant security improvement for cloud computing; frankly, it's a game changer. Kudos to AWS for this innovative offering. Look for other cloud providers to also offer such a VPC capability in the coming months.

You might also be interested in:

1 Comment

You're right that Public vs. Private is a binary statement (it's nice to have such an easy divide) but it's important to consider that it's impossible to have Hybrids without Public and Private.

With that said, I work in the Gov. sector on much of the cloud stuff and right now people don't seem to want Hybrids.

Even if you can assume Private clouds are an obvious acceptance point, there's simply little trust in public clouds (even for public data).

So you can imagine the disbelief when you mention bursting and hybrids, and I can't blame the reaction much either.

Imagine someone told you to build a private cloud so you could have all the benefits of cloud but not have to worry about the security implications of storing sensitive information beyond your control... you'd say "sure ok, makes sense".

Now say "oh yea and then you can flip this switch and your systems will automatically and magically jump b/t your private cloud and a public one..." (i.e. all that work of keeping the info secure goes out the window).

Hey, if it were easy we'd all be bored :)

News Topics

Recommended for You

Got a Question?