The Cloud Summit security debate

Our inaugural summit covers the most pertinent cloud security questions of today, including the Patriot Act and the quality of providers' infrastructure.

Cloud Summit logo

The biggest issue preventing companies from moving to the cloud has always been security, yet there are many complications IT departments have to consider.

When IT Pro and sister title Cloud Pro brought together experts from across the field at our Cloud Summit to discuss the complexities of cloud security, we got some solid answers.

Advertisement - Article continues below

One major contemporary concern is around the Patriot Act, which could allow US Government to go into cloud data centres to gain information, even if they're not on US soil.

You have to approach cloud providers as if they're insecure.

According to HP's UK & Ireland storage and server chief technology officer David Chalmers, however, HP will not open its doors in the UK to any US body enforcing the Patriot Act.

This was something that was echoed by Rackspace's vice president of technology Nigel Beighton, who said its UK datacentres would do the same.

So those relying on UK-based cloudy datacentres can fear not. But should people be worried about security of the providers' themselves?

"You have to approach cloud providers as if they're insecure," recommended Beighton, who quickly pointed out that didn't mean Rackspace was insecure.

He said it would be wiser to assume cloud solutions can't be trusted in order to ensure the information that businesses are putting up in the cloud is as secure as possible. Due to the risks involved, such an approach would also mean hybrid services are considered where necessary, according to Beighton.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Rik Ferguson, Trend Micro's director for security research, said businesses should approach vendors as if they were estate agents. He urged people to look into all the different options and pick the one that suits the customer's cloudy plans.

Businesses should be wary of complacency too, Ferguson said.

"Don't forget about the perimeter. The perimeter is still there, you just have to find where it is... To break through the cloud's perimeter, all you need is a credit card," he added, noting the importance of making cloud-based apps as secure as possible.

But what about when cloud providers' services are being used for malicious activity? Ferguson said it was certainly a possibility that users' services could be disrupted if law enforcement have to enter cloud datacentres and remove the hardware.

The providers themselves were a little stumped, but Beighton said they do checks on who is using their services. This includes checks on what kinds of credit cards are being used to buy cloud infrastructure and monitoring for spam. It was unclear, however, how vendors would comply with warrants to remove servers from datacentres and still ensure customers were unaffected.

There is a clear need for definite processes and standards for cloud security. Once these come into place, adoption will surely skyrocket.

Look out for the rest of our coverage from our Cloud Summit and the inaugural IT Pro awards this week.

Featured Resources

Successful digital transformations are future ready - now

Research findings identify key ingredients to complete your transformation journey

Download now

Cyber security for accountants

3 ways to protect yourself and your clients online

Download now

The future of database administrators in the era of the autonomous database

Autonomous databases are here. So who needs database administrators anymore?

Download now

The IT expert’s guide to AI and content management

Your guide to the biggest opportunities for IT teams when it comes to AI and content management

Download now
Advertisement

Recommended

Visit/security/vulnerability/355276/businesses-brace-for-second-fujiwhara-effect-of-2020-as-patch-tuesday
vulnerability

Businesses brace for second 'Fujiwhara effect' of 2020 as Patch Tuesday looms

9 Apr 2020
Visit/security/cyber-security/355267/zoom-hires-ex-facebook-cso-to-boost-platform-security
cyber security

Zoom hires ex-Facebook CSO Alex Stamos to boost platform security

8 Apr 2020
Visit/security/vulnerability/355236/hp-support-assistant-flaws-leave-windows-devices-open-to-attack
vulnerability

HP Support Assistant flaws leave Windows devices open to attack

6 Apr 2020
Visit/security/cyber-security/355234/safari-bug-let-hackers-access-cameras-on-iphones-and-macs
cyber security

Safari bug let hackers access cameras on iPhones and Macs

6 Apr 2020

Most Popular

Visit/mobile/mobile-phones/355239/microsofts-patent-design-reveals-a-mobile-device-with-a-third-screen
Mobile Phones

Microsoft patents a mobile device with a third screen

6 Apr 2020
Visit/software/video-conferencing/355257/taiwan-first-country-to-ban-zoom-amid-security-concerns
video conferencing

Taiwan becomes first country to ban Zoom amid security concerns

8 Apr 2020
Visit/security/cyber-security/355271/microsoft-gobbles-up-corpcom-domain-to-keep-it-from-hackers
cyber security

Microsoft gobbles up corp.com domain to keep it from hackers

8 Apr 2020