Table of Contents
Disadvantages of Cloud Computing and Virtualization
Risks of Cloud Computing
Cloud computing is all the rage, isn’t it? It’s a technology that we’ve named now and it’s things that we’re starting to do more of because our bandwidths are getting better, people are creating resources for use in remote locations and we’re able to blend that in with what we do as a normal part of doing business. But there are risks associated with cloud computing. Just like anything else. We have to consider those risks. One is that the data that we may put it be putting into the cloud may be available to more people than we want.
Cloud computing and the security of data
Often we’re dealing with machines and services run by other people/third parties. And if you’re putting data out there, there is a possibility that someone from those third parties might have access to that data. And if you’re using cloud computing and your data is highly valuable or very sensitive, you may want to consider making sure you set limits on what people can access. Perhaps you’re not putting the data in the cloud, or maybe you’re encrypting it when you put it in the cloud.
There are things you can do to help minimize the particular risk in your system. Another problem you have from a security point of view is that the direct secure access to this data or information is managed by a third party. If you look at something like Google Mail or Yahoo mail, you really don’t manage the security for that. You trust that Yahoo! Or Google is going to be able to make sure that your mail is secure and that nobody else gets information that you have inside of your inbox.
So that’s a bit of a challenge because now we’re putting that trust in a third party. And if you’re putting information into the cloud that’s being managed by a third party, that’s certainly something you should consider.
Can I access the data in a Cloud at any time?
Another crucial aspect of cloud computing is that these servers have established somewhere else. You may just be buying a service that happens to be on somebody else’s equipment. And in that case, you may not have a lot of control a problem occurs with the server.
If the server goes down, it loses power, a hard drive fails, or perhaps you get locked out of your accounts, you just don’t have direct access to be able to handle this particular issue. Just because it’s in the cloud doesn’t mean it’s always available. These are humans that are managing technical systems and sometimes what happens out there in the cloud creates downtime and allergies for you. You also have to keep that in mind because there is a risk of Cloud computing from your organization not having access to your systems and if that occurs, you need to have an understanding of what that means for the organization.
Controlling the system with Virtualization
Virtualization is another technology that has also come strongly. This idea of having a big monster computer and you can create virtual systems within that device. Before we used to have 20 different servers. Now we’ve got a large server, and there are almost 20 small servers sitting inside. What’s nice about that is we have a lot of control over what we can do with that system. We can allocate more memory. We can give it some more disk space. We’re not limited by physical constraints anymore. And there is a lot of positive business value associated with virtualization.
But from a security perspective, there is an emerging collection of threats coming from someone taking advantage of the layer of virtualization. This is the layer that sits at the root of all such virtual systems. And the bad guys know that if they can get access to that virtualization layer, there’s a chance to gain access to every single virtual machine that may be on that physical computer.
That’s a pretty big concern. You might have some very important information, might have 100 different virtual systems on a physical device. And by gaining access to this virtualization, it can put each and every one of these systems at risk. So it’s something you’ve got to keep track of as a security professional, as there are virtualization problems that you just can’t overlook. There is very little control over what happens within virtual systems. They’re all inside of one big computer.
Virtualization and security
It’s kind of hard to take a firewall and cram it inside of this physical computer and make all of the different systems communicate back and forth through that firewall. There isn’t a lot of virtual firewall support out there in the world. Also, the virtual firewall support that exists today is very limited to what it can do compared to a real firewall. So something also to consider there. You might be doing a lot of software-driven firewalls, and they might be on the servers themselves.
But certainly, something to consider when you’re moving into a virtual environment. There are also problems when you start looking at several systems being packed into one physical unit. In a data center, if it was a physical server, you had a lot of control over who accesses that server physically. You are even able to separate these servers off into completely different areas of the data center, in some cases into separate data centers. And that provided you with some advantages from being able to separate that out in the environment that you had, both from a data perspective and physically.
Once you put all on one device, the separation is a little more difficult to handle. And yes, you can manage the separation there. And there are things in place that allow you to do that. But you have to make sure they’re implemented properly, that different system is moved onto different V lands, that physically they can’t access each other and that those things are in place. It’s not as easy as looking in a room and knowing everything in this room is separated by everything in the other room.
Here is a picture that describes Virtualization briefly.
Now, in that virtualization layer, you have to make sure that things are handled as separate entities and that these two systems are not able to interact with each other.
From a business management perspective, we also have to be clear about the separation of duties when everything is on one big computer. When all of your databases are on separate virtual machines under this system, the separation of duties is a bit more complicated. How can you isolate someone from running a massive server that happens to have many different servers in it?
So that’s something just has to be part of your policies. If you run a virtual server, you can have several people who can control the virtual server. The administration of the server can be broken up into other pieces. Perhaps there is an overlay on top of one of these individual virtual management and security devices, something that you will need to consider implementing into your organization’s security policies.
However, these points don’t mean that Cloud computing and virtualization aren’t as good as it sounds. Those are very huge steps in the technology field. All this article is trying to explain is, besides those advantages, there are always a few disadvantages you should care about. Therefore if you can avoid or minimize these risks mentioned in the article, then you will be able to secure your data and get the full use of Cloud computing and Virtualization.