Channels ▼
RSS

Design

Safe Clouds Start At The WAN, Not The Web



According to Cable&Wireless Worldwide business manager Tom Stockwell, the best way to secure an Infrastructure-as-a-Service (IaaS) layer is to ensure that the prime access routes to the cloud computing environment are via the Wide Area Network (WAN), not the Internet.

Stockwell says that this route should help bypass any sense of anxiety for enterprises and large organizations that would prefer for applications in a cloud environment to not directly face the Internet. By placing these services in a secure cloud environment within the WAN and by using the established methods of data separation between different customers in a cloud computing environment, Stockwell suggests that data becomes intrinsically safer.

"Organizations run and operate a variety of applications, each having the potential for a different set of technical, security, availability and performance requirements. As such there will not be an immediate move to, or indeed a 'one-size-fits-all' approach, to cloud computing for the foreseeable future," said Stockwell.

The option then exists for businesses to adopt a hybrid approach, making use of a set of technologies across traditional dedicated infrastructure, dedicated virtual servers and cloud platforms, with applications remaining in the environment that best suits their individual security requirements.

"Cloud environments need to have access points for the end-user of the applications running on the platform, the IT team who has to manage the applications, the service provider themselves and also the IT management team who need to order and change the capacity. With an Internet-based cloud service the majority of those access points are exposed directly to the Internet, with only the service provider management access being 'internal'. By placing cloud computing services within the WAN the Internet exposure is far less, minimizing the risk as the cloud services are essentially moved further into the customer’s environment, giving them more control," added Stockwell.

Cable&Wireless' wider position on these technologies is to state that all cloud computing environments should always be built using industry best practice guidelines that have been developed and proved successful in physical environments, with additional security to protect data in the cloud. These security standards and procedures, such as firewalls, encryption, anti-virus and limiting access rights, have just as much place in a cloud environment as in the physical.

However, the company also points out that a balance must be made between the security policies implemented and maintaining the flexibility cloud computing can provide.

Stockwell concludes that, "A security infrastructure that slows down operations will impede the business objectives that made security a priority to begin with. By offering WAN connectivity for server administration, cloud environments can be rapidly created and tested before access is extended to internal or internet users, allowing for flexibility while still adhering to best practice and client’s own security guidelines."


Related Reading


More Insights






Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task. However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.
 

Video