Don't Let Hybrid Clouds Rain on Your Security

Posted on by John Linkous

cloudEnterprises of all sizes have wholeheartedly adopted the cloud in all its various forms: Infrastructure as a service (IaaS), platform as a service (PaaS), software as a service (SaaS), and other, more exotic and granular definitions of "aaS" implementations are being developed every day. For many organizations, however, the hybrid cloud is key to scaling their services while still maintaining nearly complete control over their data and resources

There are many legitimate reasons why a company would go down this path. Some organizations need to temporarily scale their infrastructure without having to buy massive numbers of servers. Rather than buying the hardware, they outsource the computing cycles to the cloud, while still maintaining complete control of where the data is stored.. For other organizations, the opposite may be true: They're looking to outsource storage while maintaining strict control of program code and computing resources. Regardless of why, this model—the hybrid model of cloud computing—presents organizations with a number of unique security challenges.

Perhaps one of the most difficult challenges with the hybrid cloud is the state of data: Who is in possession of it at any given time? An organization may want to ensure that local data they control is unencrypted in order to maximize the performance of the applications that use that data, but at the same time, they want to ensure that the data is encrypted whenever it's off-site. This can present major problems in hybrid environments, where data fluidly and transparently moves between on-premise systems and the cloud service provider's environment. In such cases, organizations need to ensure that mechanisms are in place to encrypt and decrypt data at the point where it egresses to and ingresses from the cloud provider, and they need to ensure that data remains encrypted on remote storage.

Of course, the same problem exists for hybrid clouds where computing resources (as opposed to storage) are offloaded to the provider. That is why remote applications on the compute infrastructure will need to work with decrypted data, and data in memory will always be decrypted (if you don't believe that in-memory data is exploitable, you only need to look at the devastating OpenSSL Heartbleed vulnerability for validation). While there are solutions to this problem, such as split-key encryption and homomorphic key management, these solutions need to be properly architected into any system that is based on a hybrid cloud.

Another major issue for hybrid cloud environments is authentication and access control. For entirely public and private clouds, this generally is not an issue. For example, SaaS applications (think authenticate entirely through the application provider by default, and all authentication data lies in the cloud. But in the hybrid model, if your users are authenticating to an internal credential source—say, an Active Directory, or an LDAP—and they now want to access a program or stored data in the cloud, how will that authentication be handled? There are, of course, common standards like SAML, OAuth, and OpenID that can handle assertions of identity and access control requests, but these standards need to be carefully integrated within the hybrid cloud model to ensure that users are authenticating correctly and securely and accessing only the information they need (both on-premise and in the cloud). 

Configuration management is yet another area that must be carefully considered when it comes to hybrid clouds. An organization may utilize a combination of both on-premise and cloud-based computing facilities (to support scalability) as part of its strategy. Ensuring that hosts—both physical and virtual—are running the same patch levels, operating system versions, and code versions is critical to maintaining security; otherwise, attackers can easily gain a foothold into the information system hosted in the hybrid environment. It only takes a single vulnerable host within a fleet of servers to provide enough space to compromise the entire environment.

Of course, these aren't the only issues that are present in managing security in the hybrid cloud. Issues such as fault management and redundancy (to ensure availability of the overall system), computer and storage failover, and others are critical aspects of engineering systems in the hybrid cloud. For many organizations, hybrid cloud environments provide maximum scalability at a reasonable cost, while also providing tight control over data and other intellectual property. But while these infrastructures can provide tremendous advantages, they also come with responsibilities for security management that go beyond traditional public and private cloud models.

John Linkous

, Technology Advisor

cloud security data security

Blogs posted to the website are intended for educational purposes only and do not replace independent professional judgment.  Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA® Conference, RSA Security LLC or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community