The definition of Cloud Computing that I use most often is from NIST (National Institute of Standards and Technology, formerly the National Bureau of Standards, and part of the United States Department of Commerce):
Cloud computing is a pay-for-use model for enabling available, convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction.
The key characteristics of the Cloud are:
- On-demand self-service
- Ubiquitous network access
- Location-independent resource pooling
- Rapid elasticity
We all know that a Public Cloud is the most economically beneficial. It is the closest to this definition of the Cloud. However, many IT and Security executives are concerned about the security of a Public Cloud. Your network traffic and data are sharing the same physical infrastructure with dozens, hundreds or even thousands of other organizations. This includes networks, storage, and servers, which impacts the security of your data-in-motion, data-at-rest, and data-in-process.
Almost two years ago I wrote about Amazon S3. Amazon Simple Storage Service provides a simple web service interface to store and retrieve any amount of data in the Cloud. Amazon S3 meets all of the characteristics of Cloud Computing including access from anywhere, pay for use, and rapid elasticity. More importantly for this topic, it provides significant security capabilities including IAM (identity and access management) policies, access control lists, and query string authentication. The latter is critical for controlling access to data – a common way to steal data is to manipulate the question being asked of the data so that instead of returning just one piece of information it returns thousands of pieces of data. Amazon S3 also supports several alternatives for data encryption, including allowing you to control the encryption keys.
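How query string authentication binds a link to one object and one expiry time, as an added example that is not from the original post or from Amazon. It follows the legacy S3 Signature Version 2 string-to-sign layout (current S3 uses Signature Version 4); the credentials, host name, bucket, and the `verify` function standing in for the service-side check are all constructed for illustration.

```python
import base64
import hashlib
import hmac
from urllib.parse import parse_qs, quote, urlsplit

# Constructed credentials for the example; not real AWS keys.
ACCESS_KEY_ID = "AKIDEXAMPLE"
SECRET_KEY = b"constructed-secret-for-illustration"


def _signature(method: str, resource: str, expires: int) -> str:
    # SigV2 string-to-sign: verb, Content-MD5, Content-Type, Expires, resource.
    string_to_sign = f"{method}\n\n\n{expires}\n{resource}"
    digest = hmac.new(SECRET_KEY, string_to_sign.encode(), hashlib.sha1).digest()
    return base64.b64encode(digest).decode()


def presign(bucket: str, key: str, expires: int) -> str:
    """Return a GET URL valid for exactly one object until `expires` (epoch seconds)."""
    resource = f"/{bucket}/{quote(key)}"
    sig = _signature("GET", resource, expires)
    return (f"https://s3.example.invalid{resource}?AWSAccessKeyId={ACCESS_KEY_ID}"
            f"&Expires={expires}&Signature={quote(sig, safe='')}")


def verify(url: str, now: int) -> bool:
    """Hypothetical stand-in for the service-side check of a signed GET URL."""
    parts = urlsplit(url)
    params = parse_qs(parts.query)
    try:
        expires = int(params["Expires"][0])
        supplied = params["Signature"][0]
    except (KeyError, ValueError):
        return False                      # unsigned or malformed request
    if now > expires:
        return False                      # link has expired
    # Recompute over the path and expiry actually requested; any edit to
    # either one changes the expected signature.
    expected = _signature("GET", parts.path, expires)
    return hmac.compare_digest(expected.encode(), supplied.encode())
```

Because the object path and the expiry are both inside the signed string, a recipient of the link cannot widen it to another object or extend its lifetime without the secret key.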
I have also written about the Unisys Stealth Solution for Network, a game-changing product to protect data-in-motion. Stealth provides defense-level encryption and authentication. More importantly, it automatically enforces communities of interest (COI). A COI is a group of users who need to share data within the group but not with anyone outside of the group. With Stealth, servers and workstations are completely invisible to anyone not belonging to the same COI. This cloaking also prevents many data-in-process attacks from stealing your data. Attacks like keystroke monitoring, screen scraping, and RAM skimmers require a way to transmit the captured data to the cybercriminal. Stealth significantly reduces the opportunities for such malware to get onto your servers and workstations, and prevents those outgoing transmissions.
Unisys recently announced that Stealth is available for Amazon Web Services (AWS). Together, Amazon AWS, Amazon S3, and Unisys Stealth make up a Public Cloud platform that provides real security for data-in-motion and data-at-rest, with all of the keys controlled by you, not by Amazon or any other third party. Even in an accidental or deliberate attack on Amazon, an employee, contractor, or government agency will not be able to intercept or look at your data without coming to you for the keys.
The last word:
About 20 years ago, a friend described Unisys as a computer hardware and software company whose technology supported its services offering. In the late 1980s Unisys was the fourth largest software company in the world as determined by software sales revenue. Unfortunately, Unisys senior management never seemed to understand this. Most thought of Unisys as a services company that, incidentally, produced some product stuff.
Ed Coleman has been the CEO of Unisys for the past five years. He may actually understand. In a recent Computerworld interview, Coleman describes the new software-focused data center strategy and powerful new security technology focus for Unisys. That “new security technology” is Unisys Stealth. It will get very exciting if the rest of Unisys gets the same message.
Keep your sense of humor.