IT security must change for the cloud

IT security needs to change to better fit the incoming cloud technologies, according to a senior analyst.

Cloud security

Security for IT has always been based on keeping people out of the data centre.

However, with cloud computing becoming more prominent, this pattern needs to change.

So claims Rik Ferguson, senior security advisor for Trend Micro, who told a Westminster eForum held in London this morning that the technology security industry had to adjust.

"The security model traditionally has been one of outside in, [with] a strong perimeter and different layers behind that, always focusing on the intruder coming in," he said.

"With cloud we have to change the way we think. It is inside out security about security systems, access rights, data and the whole chain as at that point the data can exist anywhere."

Trevor Dearing, head of enterprise marketing for Juniper Networks, agreed that the model needed to change, comparing the current one to a castle and the future to a hotel.

"The model is changing. Before we had a castle and built a moat around the data centre... but in the world of virtualisation everything moves around," he added.

"Security policy was traditionally built around the idea of being behind a firewall. The challenge with cloud is it can change from minute to minute, second to second... and the model is something more like a hotel where security acts as a service."

Security experts have the attitude that if you are not sure something is secure then just don't do it, which just cannot continue with cloud computing, according to John Colley, managing director of ISC2 in Europe.

"The business case for cloud computing is very compelling and it will happen with or without information security's blessing," he said.

"The role for them to do is work out how to do it securely [and] look at how things can be done instead of why things cant be done."

Ferguson controversially concluded the debate saying: "The reason I think cloud is absolutely a viable model [is that] it has already been adopted by criminals and they are the leading edge adopters."

"They see the power, scalability, availability and in their case for them anonymity of this technology and want to use it."

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Recommended

Microsoft spearheads industry-wide charter against AI cyber attacks
Security

Microsoft spearheads industry-wide charter against AI cyber attacks

23 Oct 2020
Weekly threat roundup: Chrome, Citrix and WordPress
Security

Weekly threat roundup: Chrome, Citrix and WordPress

23 Oct 2020
IT services giant Sopra Steria falls victim to Ryuk ransomware
Security

IT services giant Sopra Steria falls victim to Ryuk ransomware

23 Oct 2020
CMS platforms succumb to KashmirBlack botnet as businesses rush online
Security

CMS platforms succumb to KashmirBlack botnet as businesses rush online

22 Oct 2020

Most Popular

The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

5 Oct 2020
The enemy of security is complexity
Sponsored

The enemy of security is complexity

9 Oct 2020
What is a 502 bad gateway and how do you fix it?
web hosting

What is a 502 bad gateway and how do you fix it?

5 Oct 2020