Welcome!

Open Web Authors: Esmeralda Swartz, CloudCommons 2012, Matthew Lobas, Elizabeth White, Liz McMillan

Related Topics: Cloud Expo, SOA & WOA, Virtualization, Open Web, Apache, Security

Cloud Expo: Blog Feed Post

Security and Automation in the Cloud

The first concern, of course, is whether the cloud in question is private or public

One of the biggest concerns IT managers have about moving business-critical applications into the cloud and away from the data center is the issue of security. What you may not realize, however, is that the same tools for automation and provisioning that function in cloud implementations also offer a significant opportunity to improve security.

Public vs. private clouds
The first concern, of course, is whether the cloud in question is private or public. If you’re using a public cloud provider such as Amazon Web Services, you know you’re looking at Level 1 PCI DSS compliance. If you’re running a cloud solution in-house, however, you need to make sure you’re handling all of that security via firewalls and network and storage management.

Public cloud solutions also require different security and automation models. You need to give more heed to firewalls, NAT, load balancers, and other related issues. This doesn’t mean public cloud solutions aren’t worth it, of course. They still provide increased efficiency, scalability, and even security.

Benefits of making provisioning automated
Cloud solutions that automate server configuration during the provisioning process improve security in cloud environments. You might have literally thousands of VMs, each of which would require individual setup and maintenance without automated provisioning.

Automated provisioning reduces your costs, increases your agility, and creates a standardized environment that is less vulnerable to security issues than non-automated environments.

Virtualized, embedded security
The nature of a virtual machine is such that every security measure you place at the virtual server are naturally replicated. That means that, as you expand your use of a private cloud solution, you have the ability to automatically embed security measures with each new VM as it is created.

Management is the key here. If this aspect isn’t handled correctly, you can create a wide array of variant server images, each with different security measures in place. This creates something of a security nightmare.

Making use of automation in cloud solutions in order to make certain your servers are in compliance with all necessary security measures should be one of the key tasks your cloud computing staff deals with on a regular basis.

Read the original blog entry...

More Stories By Unitiv Blog

Unitiv, Inc., is a professional provider of enterprise IT solutions. Unitiv delivers its services from its headquarters in Alpharetta, Georgia, USA, and its regional office in Iselin, New Jersey, USA. Unitiv provides a strategic approach to its service delivery, focusing on three core components: People, Products, and Processes. The People to advise and support customers. The Products to design and build solutions. The Processes to govern and manage post-implementation operations.