Be cloudy and secure...


Cloud Security Authors: Terry Ray, Elizabeth White, Simon Hill, Yeshim Deniz, Shelly Palmer

Related Topics: Cloud Computing, Cloud Security Journal , Secure Cloud Computing, Security

Cloud Security: Blog Feed Post

Security Automation – A Fundamental Promise to Cloud ISVs

Software vendors that use their cloud have an intense need for security, and they need it packaged with cloud friendly APIs

In a recent conversation with a public cloud provider, the message was loud and clear. Software vendors that use their cloud have an intense need for security, and they need it packaged with cloud friendly APIs (Application Program Interfaces).

This is actually a deep point. There have been a lot of recent debates trying to define “what is cloud”, yet arguably one of the most interesting definitions requires the ability to automate the infrastructure using APIs.

Typical APIs in the cloud are web service APIs, using technologies such as XML and HTTP. But the topic is not really a technology topic – its a fundamental business model topic.

When functionality in the cloud can be automated via API, the benefit is elasticity and flexibility. Servers and storage can be added and removed at will, and the “will” is not just an administrators will but can be an automated script that modifes resources based on changing demand.

This is a Good Thing. Indeed, it is the fundamental promise of cloud technology, along with pay-as-you-go economics.

ISVs (Independent Software Vendors) understand this even more than most, since their entire business depends on the ability to use the cloud infrastructure in an automated way without human intervention.

Now mix in security. Everyone “knows” that security is the barrier to adoption in the cloud. Yet there is a dearth of cloud-friendly security solutions out there. To be truly cloud friendly, a security solution must have APIs that allow:

  • Start, stop, restart, and termination of security functionality
  • Attaching security functionality to a specific cloud storage resource, e.g. to a virtual disk
  • Modifying access control rules for the storage
  • Locking (and unlocking) access to data
  • Managing alerts and reports, and routing them to appropriate management applications.
  • Managing encryption keys associated with the secured storage (such keys, by the way, cannot be stored in the virtual cloud environment, but that’s a different story).

A few security specialists have started to notice this, notably Porticor. Such API-driven automation allows dealing with the security barrier while respecting the fundamental cloud model.

No wonder our friends in the cloud provision community see this as a high priority.

Read the original blog entry...

More Stories By Gilad Parann-Nissany

Gilad Parann-Nissany, Founder and CEO at Porticor is a pioneer of Cloud Computing. He has built SaaS Clouds for medium and small enterprises at SAP (CTO Small Business); contributing to several SAP products and reaching more than 8 million users. Recently he has created a consumer Cloud at - a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and a variety of cloud-based applications. He is now CEO of Porticor, a leader in Virtual Privacy and Cloud Security.