Cloud Computing Security – Public vs. Private Cloud Computing

0
Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Email this to someonePrint this pagePin on PinterestShare on TumblrBuffer this pageShare on RedditShare on StumbleUpon

Cloud Computing Security – Overview

cloud computing securityDuring the last few years, cloud computing has become a buzzword on the internet. In simple terms, it is the process of delivering services hosted on remote data centers connected through the internet. According to analysts, this market segment has a compound annual growth rate (CAGR) of around 10%, and is expected to reach USD 205.48 billion by 2018. The cloud computing services market can be segmented broadly into three categories based on service types: SaaS (Software as a Service), IaaS (Infrastructure as a Service), and PaaS (Platform as a Service). Adoption of this new IT infrastructure is widely accepted worldwide, and has become a common way of running businesses in the last five years.

However, the technological backwardness of emerging economies poses restrictions on cloud computing services due to lack of availability of network infrastructure. Many countries have also created limitations for data stored outside their borders. For example, the USA PATRIOT Act of October 26, 2001, also concerns the trust of the international markets in data centers located in the United States.

Many question marks populate a CIO’s thoughts – about security, cost and corporate application availability. Some answers are provided by private cloud computing, whereby remote services are delivered to users through an owned set of servers and data are stored locally.

Cloud Computing Security – Private Cloud Computing

A private cloud is cloud infrastructure – operated solely for a single organization – which can be hosted either internally or externally. Heavy reliance on server, desktop and application virtualization offers organizations the possibility to enjoy the advantages of cloud computing without the security risks described below.

Businesses that deal with critical information cannot compromise on data integrity and security. Some applications also need more control over the data processed. A public cloud offers highly scalable IT solutions that bring agility to business processes at reduced costs. However, multi-tenancy, data retention and compliance issues are factors that make businesses refrain from adopting a public cloud.

In a private cloud, you have greater control over the data management system. Data managed through your processes are securely stored behind a firewall in your company datacenter. Private cloud networks come with enhanced security solutions that are augmented by your network security. Data are securely encrypted and transmitted through an RDP tunnel so that unauthorized persons cannot access them. Moreover, data retention issues are prevented, as storage is in a secure and monitored environment.

Cloud Computing Security – Hosted or Local Applications?

An organization can decide to deliver applications to its users in two main ways: by installing the applications locally on the workstation or virtualizing them through cloud computing. It is generally accepted that locally installed applications are no longer the best choice, and most businesses are moving to virtualized applications. However, it is important to analyze the differences between applications virtualized in a private cloud and those in a public cloud.

In order to make this article easier to read, let us consider MS Office 365 vs. MS Office as an example. When Microsoft launched 365 back in 2011 many companies evaluated the benefits of this service. The reduction in installation cost, no maintenance, sharing features and high availability made this solution very appealing compared to traditional local installation. As with any hosted system, there are some configuration items that have been standardized, and cannot be customized.

ARCHIVING LIMITATIONS. Office 365 sets a message size limit of 25MB. It also limits the number of recipients to whom email can be sent in a 24-hour period. Each message may be sent to a maximum of 500 recipients.
RETENTION LIMITATIONS. Deleted Items are kept for a maximum of 30 days in the Deleted Items folder. Deleted Item recovery is set to 14 days in Office 365. Once an item is deleted, and the recovery period has expired, there is no way to retrieve that item.
DATA LOCATION LIMITATIONS. Microsoft stores Office 365 customer data in a number of different countries based on the location of the customer. Moreover, Microsoft can move customer data without notice and will not guarantee exactly where a customer’s data will be stored. European Union customer data can be stored in data centers in the US, Ireland and the Netherlands.
SECURITY LIMITATIONS. Office 365 does not offer advanced and targeted threat protection techniques, such as real-time examination of links for malware, in addition to reputation checks.
OS AND APPLICATION VERSION LIMITATIONS. The minimum supported versions of Outlook clients that can be used are Outlook 2013, 2010 and 2007 (with some limitations in functionality) for Windows, and Outlook 2011 for Mac. Office 365 support for Windows XP/SP3 and Vista SP2 ended on December 31, 2013.
BACKUP AND RECOVERY. Backup and recovery of customer data are controlled solely by Microsoft.
LICENSING. Although Office 365 proposes a utility-based model for licensing, automatic plan assignment or reassignment as a user changes roles is not available through DirSync/ADFS, as is also the case for true single sign-on capability. A license is named and not sharable.

Moreover, MS Office is only one of the tools needed for an employee’s day to day activities, so the complexity of having data partly in the cloud and partly locally can limit productivity.

Application virtualization in a private cloud solves most of these limitations, allowing businesses to maximize their productivity. In a private cloud, you can easily benefit from the advantages of application virtualization while remaining in full control of company data and applications.

NO INSTALLATION REQUIRED: The installation of an application on hundreds or thousands of computers is prone to error. Application virtualization simplifies software deployment.

APPLICATION RETIREMENT SIMPLIFIED: Getting rid of an app from your whole network is much easier as well. Since virtual apps just have to be deleted, it is usually not necessary to uninstall them.

NO MORE APPLICATION CONFLICTS: Sometimes, installation of an app corrupts another app. Application virtualization helps reduce the risk of application conflicts.

NO REGISTRY AND SYSTEM BLOAT: The more apps you install on a desktop, the more bloated its registry and system folder will become. This makes the computer slower and increases the risk of failures. Application virtualization leaves the registry and system folder untouched.

As opposed to a solution such as Office 365, the IT manager can personalize the configuration according to company policy, avoiding forced conformity to a market standard.  The personalization of data sharing, backup and recovery policies offer the control needed to effectively support the business.

ARCHIVING & RETENTION.  IT managers can define the company policy for archiving, and personalize by user rights from active directory. Data folder and inbox sizes can also be personalized.
DATA LOCATION & SECURITY. The location is defined by the company. Data are safely stored within the company perimeter behind the firewall.
OS AND APPLICATION VERSION. Application virtualization can be delivered on any OS: Mac, iOS, Android, Linux, Chrome, Windows XP, 7 & 8.1.
BACKUP AND RECOVERY. Policies are owned by the company and the service is administered as needed.
LICENSING.Licenses are not named and can be shared between users. Many software vendors offer concurrent user licensing that can further reduce cost.

Cloud computing technology offers high-end virtualization tools to optimally leverage resources. In private cloud computing technology, there is a greater level of transparency when it comes to networking solutions. The functionality of the virtualization can be customized, security enforced, and application delivery personalized to meet your business requirements.

Cloud Computing Security – With Parallels Remote Application Server?

Parallels RAS (Remote Application Server) easily delivers Windows applications hosted on hypervisors and Windows remote desktop servers to anyone anywhere using any type of operating system, computer or mobile device. By hosting applications in the private cloud, businesses benefit from reduced administrative overheads and less helpdesk support, and can easily control who can access such applications and ensure that everyone is using the latest and most secure version of an application.

Private clouds allow organizations to centralize all data, improve the security of their network, easily protect their data and manage access through a central location. With Parallels RAS, businesses can build their own secure private cloud and scale it to their needs to provide all office-based and remote employees better access to all applications and virtual desktops.

Cloud Computing Security – Conclusion

For CIOs and CEOs, cloud computing security is still a hot topic for discussion. The choice between private and public clouds depends on a particular company’s needs. The risk associated with the data stored remotely and the limitations in data retention policies can push an organization to move to a private cloud solution. Parallels Remote Application Server offers effective tools to implement private cloud computing with minimal effort and seamless end user experience.

References

Cloud Computing Security :  http://marketing.networkworld.com/pdf/IDGE_Cloud_Computing_2012.pdf

Cloud Computing Security : http://blogs.cisco.com/datacenter/business-continuity-and-workload-mobility-for-the-private-cloud-cisco-validated-design-part-1/

Cloud Computing Security : http://en.wikipedia.org/wiki/Cloud_computing_security

Cloud Computing Security :  http://security.sys-con.com/node/1231725

Cloud Computing Security :  http://technet.microsoft.com/en-us/magazine/hh641415.aspx

Cloud Computing Security :  http://gcn.com/articles/2010/03/18/dark-cloud-security.aspx

Cloud Computing Security :   http://www.elsevier.com/books/securing-the-cloud/winkler/978-1-59749-592-9#description

Cloud Computing Security :  http://www.infoworld.com/article/2652198/security/gartner–seven-cloud-computing-security-risks.html

Cloud Computing Security : http://www.infoworld.com/d/security-central/gartner-seven-cloud-computing-security-risks-853

Cloud Computing Security : http://blogs.forrester.com/srm/2009/11/cloud-security-front-and-center.html

Cloud Computing Security : http://www.darkreading.com/identity-management-in-the-cloud/d/d-id/1140751

Cloud Computing Security : https://cloudsecurityalliance.org/guidance/csaguide.v3.0.pdf

Cloud Computing Security : http://content.dell.com/us/en/enterprise/d/large-business/benefits-cloud-based-recovery.aspx

Cloud Computing Security : http://www.elsevier.com/wps/find/bookdescription.cws_home/723529/description#description

Cloud Computing Security : http://researchrepository.murdoch.edu.au/19431/1/emergence_of_cloud_storage.pdf

Giorgio Bonuccelli is a Marketing and Communications Director at Parallels. Giorgio has extensive experience in cloud computing and virtualization, with a background of many years in multinational corporations (Dell, EMC and McAfee). In his career he has filled different roles, from sales to training and marketing. This wide-ranging experience and flexibility helps him simplify concepts and write content that is easy to read and understandable even by newcomers to the subject. As a blogger and technical writer he has published more than 1000 papers.