Page 39 - FCW, July30, 2016
P. 39

Cloud security:
Learning to trust the facts
Cloud technology can often exceed the security of an on-premises or legacy data center. Here’s why.
For many agencies, cloud computing is the answer to a wide range of long- standing challenges, including scal- ability and true elasticity, barriers to entry, technology refreshes and cost savings.
Yet cloud computing can introduce its own challenges, particularly in terms of security — not necessarily in the capabilities of the cloud but in the perceptions that surround cloud technology because of its abstract nature.
The facts, however, tell a different story: Security in the cloud can equal, and often exceed, the security of an on-premises or legacy data center.
Why the disparity between percep- tion and reality? Unlike on-premises and legacy data centers, cloud tech- nology cannot be seen or touched. Federal IT teams must put their trust in cloud providers, and that can understandably create questions and concerns.
It can also be uncomfortable for an agency to know it is potentially sharing the underlying physical hard- ware, which is mostly abstracted in the cloud, with other organizations. That discomfort often manifests in the form of security concerns.
To help dispel those concerns, let’s look at four of the reasons an infra- structure-as-a-service (IaaS) cloud
environment is, and can remain, highly secure.
1. Hypervisors
The hypervisor is the core software that allows multiple virtual machine instances to run on the same physical hardware. Its main job is to abstract the hardware and securely separate each of the virtual machine “tenants.”
A key benefit of this simplicity is that the hypervisor has a minimal attack surface, which helps prevent any exposure of the virtual machine instances via the hypervisor.
Hypervisors have been around for decades, and constant testing and hardening over time have further strengthened their security. Unlike operating systems that have con-
July 30, 2016 FCW.COM 31

   37   38   39   40   41