Click here to close now.



Welcome!

Microservices Expo Authors: Elizabeth White, Carmen Gonzalez, Pat Romanski, Yeshim Deniz, Liz McMillan

Related Topics: @CloudExpo, Java IoT, Microservices Expo, Containers Expo Blog, Agile Computing, Cloud Security

@CloudExpo: Blog Feed Post

Top Five Cloud Security Myths

Security isn't taken for granted in the cloud... and that's the way it should be.

While movement to the cloud keeps accelerating, fears about security hang on. Let’s take a look at the most common myths about cloud security that might be holding businesses back from taking advantage of the flexibility and scalability of the cloud model.

1. The cloud is inherently less secure than enterprise data centers.
This is the piece of “common sense” that hangs on, but the data just doesn’t bear it out. Alert Logic, a provider of cloud-enabled security solutions, does regular studies of its customers, looking at the actual threats they experienced. For the last few years, they’ve been finding that cloud hosting provider customer are less likely to experience most types of threats, and when they are impacted, it’s less frequent that what’s seen in enterprise data centers.

security guard meme

Security isn't taken for granted in the cloud... and that's the way it should be.

2. Cloud security is my cloud vendor’s job.
Security is never your vendor’s job, no matter where your infrastructure lives. Yes, your vendors play an important role – but ultimately it’s your job. First, as part of your discovery process in choosing a vendor, you should be asking them about security – from their own physical security and management processes to the types of solutions they can offer through their partners. Second, when you are working with any IaaS provider, you are paying them to manage the infrastructure portion of the IT stack – there’s still an application layer that you’re in control of, and web-facing applications are a prime vector for attacks. Your vendor is your partner in building a holistic security strategy for your infrastructure.


3. Customers will not be comfortable with data residing in the cloud.
True, some customers won’t, but that’s not a concern based on data (see item 1). You need to remind your customers that data on a well-managed and properly secured cloud instance is much safer than data in an enterprise data center without proper monitoring for intrusion, without a rock-solid process for collecting and analyzing logs, without 24×7 monitoring of security data, or without a proactive process of identifying and patching vulnerabilities. It’s the management, not the location. If you’re looking at cloud options, you understand that; being transparent with your customers about how you protect them can go a long way to easing these fears.

4. The cloud is home to hackers and criminals.
Yes, there are bad guys using the cloud as a base of operations. Before the cloud, when dedicated hosting was hot, there were bad guys setting up shop at hosting providers. A good service provider will have a solid fraud management program to root out and boot out the bad actors. Ask them about it. And remember – even though there will always be some criminals using the cloud (and traditional hosting and their own data centers), what you need to worry about is what their targets are – and if you’re a target, where they’ve set up shop will be less relevant that the strength of your defenses.

5. Securing the cloud is too complicated.
This one has a basis in truth – securing cloud infrastructure is not the same as securing a traditional data center, much to the chagrin of traditional security vendors who’ve tried to shoehorn traditional products into a new environment with less than stellar results. Cloud security solutions have to be designed to work in multitenant environments. They need to be able to autoscale with cloud instances and they can’t depend on a server having the same IP address all the time. When you’re looking at security solutions, ask questions. How did the vendor handle cloud challenges? Do they work with the leading cloud infastructure vendors who are developing the technology that drives the cloud? In other words – are they cloud aware? If so, they’ll have cut through that complexity for you.

The bottom line: in the cloud, like everywhere else, security is critical. Your cloud provider should be ready to have frank discussions with you about the right approach – and a robust set of tools to keep your infrastructure safe. Let those discussions guide your cloud strategy, and you’ll have an advantage over businesses that are driven by myths.

By Jake Gardner

Read the original blog entry...

More Stories By Gathering Clouds

Cloud computing news, information, and insights. Powered by Logicworks.

@MicroservicesExpo Stories
More and more companies are looking to microservices as an architectural pattern for breaking apart applications into more manageable pieces so that agile teams can deliver new features quicker and more effectively. What this pattern has done more than anything to date is spark organizational transformations, setting the foundation for future application development. In practice, however, there are a number of considerations to make that go beyond simply “build, ship, and run,” which changes ho...
Gartner is now treating algorithms like they are some kind of innovative addition to the modern digital discussion. Presumably the brilliant minds there have some novel insight into algorithms and, yes, the Algorithm Economy that CIOs should sit up and take notice of. Not only are algorithms nothing new, but much of what Gartner is saying about them is obvious. The bigger picture here is that software continues to improve, and enterprises are becoming increasingly software-driven, in part bec...
The Internet of Things is clearly many things: data collection and analytics, wearables, Smart Grids and Smart Cities, the Industrial Internet, and more. Cool platforms like Arduino, Raspberry Pi, Intel's Galileo and Edison, and a diverse world of sensors are making the IoT a great toy box for developers in all these areas. In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists discussed what things are the most important, which will have the most profound...
The Internet of Things (IoT) is growing rapidly by extending current technologies, products and networks. By 2020, Cisco estimates there will be 50 billion connected devices. Gartner has forecast revenues of over $300 billion, just to IoT suppliers. Now is the time to figure out how you’ll make money – not just create innovative products. With hundreds of new products and companies jumping into the IoT fray every month, there’s no shortage of innovation. Despite this, McKinsey/VisionMobile data...
NHK, Japan Broadcasting, will feature the upcoming @ThingsExpo Silicon Valley in a special 'Internet of Things' and smart technology documentary that will be filmed on the expo floor between November 3 to 5, 2015, in Santa Clara. NHK is the sole public TV network in Japan equivalent to the BBC in the UK and the largest in Asia with many award-winning science and technology programs. Japanese TV is producing a documentary about IoT and Smart technology and will be covering @ThingsExpo Silicon Val...
SYS-CON Events announced today that Men & Mice, the leading global provider of DNS, DHCP and IP address management overlay solutions, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. The Men & Mice Suite overlay solution is already known for its powerful application in heterogeneous operating environments, enabling enterprises to scale without fuss. Building on a solid range of diverse platform support,...
Internet of @ThingsExpo, taking place June 7-9, 2016 at Javits Center, New York City and Nov 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 18th International @CloudExpo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo New York Call for Papers is now open.
SYS-CON Events announced today that Catchpoint Systems, Inc., a provider of innovative web and infrastructure monitoring solutions, has been named “Silver Sponsor” of SYS-CON's DevOps Summit at 18th Cloud Expo New York, which will take place June 7-9, 2016, at the Javits Center in New York City, NY. Catchpoint is a leading Digital Performance Analytics company that provides unparalleled insight into customer-critical services to help consistently deliver an amazing customer experience. Designed...
@DevOpsSummit taking place June 7-9, 2016 at Javits Center, New York City, and Nov 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 18th International @CloudExpo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world.
Cloud Expo, Inc. has announced today that Andi Mann returns to 'DevOps at Cloud Expo 2016' as Conference Chair The @DevOpsSummit at Cloud Expo will take place on June 7-9, 2016, at the Javits Center in New York City, New York. "DevOps is set to be one of the most profound disruptions to hit IT in decades," said Andi Mann. "It is a natural extension of cloud computing, and I have seen both firsthand and in independent research the fantastic results DevOps delivers. So I am excited to help the g...
Korean Broadcasting System (KBS) will feature the upcoming 18th Cloud Expo | @ThingsExpo in a New York news documentary about the "New IT for the Future." The documentary will cover how big companies are transmitting or adopting the new IT for the future and will be filmed on the expo floor between June 7-June 9, 2016, at the Javits Center in New York City, New York. KBS has long been a leader in the development of the broadcasting culture of Korea. As the key public service broadcaster of Korea...
SYS-CON Events announced today that Addteq will exhibit at SYS-CON's @DevOpsSummit at Cloud Expo New York, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Addteq is one of the top 10 Platinum Atlassian Experts who specialize in DevOps, custom and continuous integration, automation, plugin development, and consulting for midsize and global firms. Addteq firmly believes that automation is essential for successful software releases. Addteq centers its products a...
In the rush to compete in the digital age, a successful digital transformation is essential, but many organizations are setting themselves up for failure. There’s a common misconception that the process is just about technology, but it’s not. It’s about your business. It shouldn’t be treated as an isolated IT project; it should be driven by business needs with the committed involvement of a range of stakeholders.
SYS-CON Events announced today that FalconStor Software® Inc., a 15-year innovator of software-defined storage solutions, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. FalconStor Software®, Inc. (NASDAQ: FALC) is a leading software-defined storage company offering a converged, hardware-agnostic, software-defined storage and data services platform. Its flagship solution FreeStor®, utilizes a horizonta...
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York and Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty ...
SYS-CON Events announced today that Column Technologies will exhibit at SYS-CON's @DevOpsSummit at Cloud Expo, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Established in 1998, Column Technologies is a global technology solutions provider with over 400 employees, headquartered in the United States with offices in Canada, India, and the United Kingdom. Column Technologies provides “Best of Breed” technology solutions that automate the key DevOps principal...
SYS-CON Events announced today that SoftLayer, an IBM Company, has been named “Gold Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2016, at the Javits Center in New York, New York. SoftLayer, an IBM Company, provides cloud infrastructure as a service from a growing number of data centers and network points of presence around the world. SoftLayer’s customers range from Web startups to global enterprises.
SYS-CON Events announced today that IBM Cloud Data Services has been named “Bronze Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. IBM Cloud Data Services offers a portfolio of integrated, best-of-breed cloud data services for developers focused on mobile computing and analytics use cases.
SYS-CON Events announced today that Anexia will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Anexia offers high-quality customized managed hosting solutions for SaaS and IaaS companies. The company was founded in 2006 in Klagenfurt, Austria. Today, it has additional offices in Vienna, Graz, Munich, Cologne and New York City to serve numerous international customers.
SYS-CON Events announced today that Stratoscale, the software company developing the next generation data center operating system, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Stratoscale is revolutionizing the data center with a zero-to-cloud-in-minutes solution. With Stratoscale’s hardware-agnostic, Software Defined Data Center (SDDC) solution to store everything, run anything and scale everywhere...