Cloud computing security

As businesses get more serious about using cloud computing they’re also getting more concerned about security.

This may come as something of a surprise to some who were sold cloud computing as being inherently more secure than traditional in-house IT infrastructure, but it also reflects the differing levels of security required by organisations.

“For immature organizations the native cloud service provider security almost always improves security. For mature and very mature organizations, native cloud security controls may be insufficient, this is why companies prefer to use extra cloud security layers and solutions to improve their security coverage of cloud workloads,” said Andras Cser, principal analyst at tech research company Forrester.

This demand is leading to growth in cloud security tools, which monitor data moving to and from the cloud and between cloud platforms. For example, tools that aim to identify fraudulent use of data in the cloud, unauthorised downloads, and malware in the cloud.

According to Forrester, the market for cloud security solutions grew 28 percent every year up to 2021, from $1bn in 2016 to $3.5bn in 2021, although it will remain small compared to the total public cloud market, which will hit $236bn by 2020.

Businesses tend to use a number of different platforms — public, private, and hybrid cloud — and this means that monitoring data, detecting anomalies, and spotting bad behaviour across different services can be hard.

“Traditional perimeter-based security tools do little to protect cloud workloads, and do-it-yourself internal solutions can be costly to develop and consume valuable in-house it resources. We expect most companies to look to commercial off-the-shelf solutions for their cloud security needs,” said Forrester.

Using third party tools, rather than relying on the cloud vendors own security, can give companies an additional layer of security. By using an additional layer of encryption, for example, companies can ensure that even if the cloud provider gets hacked their data should remain secure.

But adding that additional layer of security over the top of cloud computing does have an impact, both on price and performance.

Cser said these additional steps will effectively reduce the return on investment of the cloud by five to 10 percent, while performance of systems also diminishes by five to 15 percent, depending on the processing requirements. “Think of it as a performance tax,” he said.

Forrester’s Cloud Security Solutions Forecast said growth areas for cloud security include:

  • Cloud security gateways, which enable encryption of data in use, and may also feature shadow IT detection; data loss prevention; malware detection; and cloud access anomaly detection.
  • Centralised cloud security management: which control security configurations and file configuration integrity in IaaS and PaaS workloads
  • Hypervisor security: these tools allow users to monitor activity between the guest operating system and the hypervisor
  • Native IaaS/PaaS platform security: these are security tools provided by cloud platform providers and cover areas including data classification and categorisation; server access control; data-at-rest encryption and more.