There are essentially
two kinds of computing environments:
On-premises computing is the traditional form of computing in
which you or your company own and manage your own systems. All the applications
you use, as well as your data files, are in your own computers on your own
premises either on individual PCs or on an in-house local area network.
In cloud
computing, by contrast, your applications and files are held remotely
on the Internet (in cyberspace) in a network of servers which is operated by a
third party. You access applications and work on your files from your PC simply
by logging on to the network.
Cloud services are
provided by cloud-hosting providers, companies such as
Google, Amazon, Oracle Cloud, Rackspace, Microsoft Azure, and so on.
There is nothing
fundamentally new about the concept of cloud services. If you are using Gmail,
Hotmail or yahoo for your emails, you are using cloud services and probably
have been for years.
What is relatively new
is the types of services that are being offered in a cloud-environment. These
now go far beyond email to cover all the IT services that an on-premises
computing environment would deliver, such as accounting, marketing, human
resources and so on.
Advantages of cloud
computing
Cloud computing has
several advantages over on-premises computing:
1) You can run an
application or access your files from anywhere in the world using any computer.
2) Cloud computing is
cheaper.
3) You need less
technical knowledge.
4) Cloud computing
delivers a better performance.
5) Cloud computing is
eminently scalable. Increasing the number of applications you use or the amount
of data you store does not require a heavy investment; you only need to advise
the cloud-hosting adviser.
Given these advantages
it no surprise that over the last few years there has been a widespread rapid
adoption of cloud computing. Analysts estimate that the growth rate of all
spending on cloud IT will soon be at least four times faster than the growth
rate of all spending on on-premises computing.
Indeed, analysts are
expecting the annual growth rate of spending on cloud computing to average
23.5% compound from now until 2017. In addition, by that year spending on cloud
services will probably account for one-sixth of all spending on IT products,
such as applications, system infrastructure software, and basic storage.
Given the rapid growth
in cloud computing, the big question, of course, is whether cloud computing is
safe. Is it more or less safe than on-premises computing?
The short answer is that
cloud computing is not less safe than on-premises computing. However, the
threats are somewhat different in nature, though they are converging.
Threats
Generally speaking,
there are six major threats to computer security. These are:
Malware - is malicious software such as viruses, trojans, worms, spyware
and zombies. Malware is installed on either a PC in your home-office or a
cloud-computing server. Where malware gives control of a network of computers
to a malicious group (eg, to send spam) it is called a botnet.
Web app attack - is an attack in which web-based
applications are targeted. It is one of the most common forms of attack on the
Internet.
Brute force attack - works by trying all possible
combinations of letters or numbers in order to discover a cipher or secret key.
For example, you could crack a password by repeatedly trying to guess it.
Modern computing power and speed makes brute force a viable form of attack.
Recon - is reconnaissance activity that is used
to choose victims that are both vulnerable and valuable.
Vulnerability scan - is an exploit using a special program to
access weaknesses in computers, systems, networks or applications in order to
generate information for planning an attack.
App attack - is an attack against an application or
service that is not running on the web, ie the program will be on a computer
somewhere.
Honeypots
A honeypot is
a decoy website, network, system or application that has been intentionally
designed to be vulnerable to attack. Its purpose is to gather information about
attackers and how they work.
Honeypots allow
researchers to:
- collect data on new and emerging malware and determine
trends in threats
- identify the sources of attacks including details of
their IP addresses
- determine how attacks takes place and how best to
counteract them
- determine attack signatures (pieces of code that are
unique to particular pieces of malware) so that anti-virus software can
recognise them
- develop defences against particular threats
- Honeypots have proved to be invaluable in erecting
defences against hackers.
The Spring 2014 Cloud
Security Report
Alert Logic provides
security services for both on-premises and cloud computer systems. The company
began issuing cloud security reports in 2012. Its Spring 2014 Cloud
Security Report covers the year ending 30th September 2013.
This report is based on
a combination of real-world security incidents experienced by Alert Logic's
customers and data gathered from a series of honeypots the company set up
around the world.
The report throws some
interesting light of the security of on-premises and cloud computing relating
to the company's customers. Here are some of the highlights:
[1] Computing is
shifting more and more from on-premises to cloud-based computing and the kinds
of attacks that target on-premises systems are now targeting cloud
environments. This is probably due to the increasing value of potential victims
in the cloud.
[2] Although attacks on
cloud environments are increasing in frequency, the cloud is not inherently
less secure than traditional on-premises computing.
[3] The frequency of
attacks in both on-premises and cloud computing has increased for most types of
threats, though for a few types of threats it has fallen. Here are the main
points of comparison between both computing environments: