The Cloud Summit security debate

Our inaugural summit covers the most pertinent cloud security questions of today, including the Patriot Act and the quality of providers' infrastructure.

Cloud Summit logo

The biggest issue preventing companies from moving to the cloud has always been security, yet there are many complications IT departments have to consider.

When IT Pro and sister title Cloud Pro brought together experts from across the field at our Cloud Summit to discuss the complexities of cloud security, we got some solid answers.

One major contemporary concern is around the Patriot Act, which could allow US Government to go into cloud data centres to gain information, even if they're not on US soil.

You have to approach cloud providers as if they're insecure.

According to HP's UK & Ireland storage and server chief technology officer David Chalmers, however, HP will not open its doors in the UK to any US body enforcing the Patriot Act.

This was something that was echoed by Rackspace's vice president of technology Nigel Beighton, who said its UK datacentres would do the same.

So those relying on UK-based cloudy datacentres can fear not. But should people be worried about security of the providers' themselves?

"You have to approach cloud providers as if they're insecure," recommended Beighton, who quickly pointed out that didn't mean Rackspace was insecure.

He said it would be wiser to assume cloud solutions can't be trusted in order to ensure the information that businesses are putting up in the cloud is as secure as possible. Due to the risks involved, such an approach would also mean hybrid services are considered where necessary, according to Beighton.

Rik Ferguson, Trend Micro's director for security research, said businesses should approach vendors as if they were estate agents. He urged people to look into all the different options and pick the one that suits the customer's cloudy plans.

Businesses should be wary of complacency too, Ferguson said.

"Don't forget about the perimeter. The perimeter is still there, you just have to find where it is... To break through the cloud's perimeter, all you need is a credit card," he added, noting the importance of making cloud-based apps as secure as possible.

But what about when cloud providers' services are being used for malicious activity? Ferguson said it was certainly a possibility that users' services could be disrupted if law enforcement have to enter cloud datacentres and remove the hardware.

The providers themselves were a little stumped, but Beighton said they do checks on who is using their services. This includes checks on what kinds of credit cards are being used to buy cloud infrastructure and monitoring for spam. It was unclear, however, how vendors would comply with warrants to remove servers from datacentres and still ensure customers were unaffected.

There is a clear need for definite processes and standards for cloud security. Once these come into place, adoption will surely skyrocket.

Look out for the rest of our coverage from our Cloud Summit and the inaugural IT Pro awards this week.

Featured Resources

Navigating the new normal: A fast guide to remote working

A smooth transition will support operations for years to come

Download now

Leading the data race

The trends driving the future of data science

Download now

How to create 1:1 customer experiences at scale

Meet the technology capable of delivering the personalisation your customers crave

Download now

How to achieve daily SAP releases

Accelerate the pace of SAP change to support your digital strategy

Download now

Recommended

Windows Server flaw sparks emergency US gov warning
vulnerability

Windows Server flaw sparks emergency US gov warning

21 Sep 2020
'Largest ever' Magecart hack compromises 2,000 online stores
hacking

'Largest ever' Magecart hack compromises 2,000 online stores

15 Sep 2020
NordLocker encryption heads to the cloud
encryption

NordLocker encryption heads to the cloud

21 Aug 2020
Infocyte integrates with Palo Alto Networks Cortex XSOAR
cyber security

Infocyte integrates with Palo Alto Networks Cortex XSOAR

19 Aug 2020

Most Popular

Google Pixel 4a review: A picture-perfect package
Google Android

Google Pixel 4a review: A picture-perfect package

18 Sep 2020
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020