When it comes to security, it is useful to differentiate among the different cloud systems: Software as a Service, cloud compute and cloud storage. Each system poses its own set of benefits and security issues.
Software as a service (SaaS), represented by applications like Salesforce.com, Google Docs, Quickbooks Online and others, involves full software applications that run as a service in the cloud. Tens of thousands of companies share the common infrastructure of Salesforce.com. These companies maintain control of sensitive customer information through a combination of secure credentials and secure connections to Salesforce.com.
Companies that use Salesforce tolerate the risk of their data not being encrypted at the Salesforce.com servers. This is not a result of lax security on the part of Salesforce.com. Because SaaS runs in the cloud, the data from customers must be visible to the applications in the cloud (either not encrypted or decryptable by the SaaS code). The main benefit of SaaS is to reduce the complexity of having to configure and maintain software in-house. The success of Salesforce.com and others demonstrates that many companies have traded security concerns for the sheer utility and cost savings of not having to run their own software in-house.
Data in Salesforce.com or any other SaaS may actually be encrypted at some point during its life cycle. This would prevent Salesforce.com employees from accidentally or maliciously taking customer data from servers that are not currently in use. However, for SaaS applications to run, they still need to have the ability to decrypt the customer data. That is, the keys must remain with the SaaS provider. That is the critical issue that weakens the SaaS security model.
Cloud compute allows customers to run their own applications in the cloud. Amazon’s Elastic Compute Cloud or EC2 represents this type of system. Customers upload their applications and data to the cloud where the vast compute resources of EC2 can be applied to the data. Virtualization provides a practical vehicle to transfer compute environments and share physical compute resources in the cloud. This approach has been used successfully by financial institutions and the life sciences to solve heavy compute models. It is expensive to run data centers full of servers ready to run complex mathematical models. The idea of sharing a compute infrastructure with other customers makes good economic sense. In a compute cloud the data can be anonymized; however, it cannot currently be encrypted. That is, it is possible to obfuscate the data in such a way that it is difficult for anyone to see what the data means; however, in order to have a computer in the cloud operate on a data set, with today’s technology, the data set must be visible to that computer (i.e. not encrypted).
Cloud storage allows customers to move the bulk of their data to the cloud. Microsoft’s Windows Azure storage services and Amazon’s Simple Storage Service (S3) are good examples. The initial services involved online backups and file archiving but the most recent wave of cloud storage gateways has extended the use of the cloud to all types of storage. Data growth continues to be a major source of pain and cost to businesses and cloud storage offers unlimited, on demand, reliable storage at a fraction of the cost of traditional storage.
Cloud storage is in many ways more basic than SaaS or cloud compute because the provider’s main responsibility is to store the data unchanged. This brings cloud storage closer to a traditional utility model, like electricity or the Internet, where the provider does not need visibility into the specific use of its service. This is also good for security as it allows for a stricter security model. Unlike SaaS or cloud compute, cloud storage allows the data to be encrypted at rest (i.e. at the cloud provider’s servers), in such a way that the cloud provider does not have the ability to read it. Security credentials and a secure connection to the cloud are still necessary, but the addition of this form of data encryption at rest dramatically increases the level of security. Unlike SaaS and cloud compute, where customer data needs to be visible to the cloud in order to deliver functionality, storage is essentially passive. Data can be completely opaque to the provider. Modern encryption protects data at rest so thoroughly that with proper key management, there is no significant difference between storing sensitive data in your data center or in the cloud.
While data leakage remains an unsolved issue in SaaS and cloud compute, encryption offers a sensible strategy to ensure data opacity in cloud storage. Data should be encrypted from the start so that the possibility of the cloud storage provider being somehow compromised poses no additional risk to the encrypted data. With cloud storage, all data and metadata should be encrypted at the edge, before it leaves your data center. The user of the storage system must be in control of not only the data, but also the keys used to secure that data. From a security perspective, this approach is essentially equivalent to keeping your data secured at your premises.
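The edge-encryption approach described above, as an added example that is not part of the original article: a Python sketch using AES-256-GCM from the `cryptography` package, with a dictionary standing in for the provider's store. The key names, the `upload`/`download` helpers and the blob layout are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import os

from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# Both keys are generated and kept on-premises; the provider never receives them.
MASTER_KEY = AESGCM.generate_key(bit_length=256)  # wraps the per-object data keys
NAME_KEY = os.urandom(32)                         # derives opaque object names

cloud_bucket = {}  # hypothetical stand-in for the provider: opaque name -> blob


def _seal(key, plaintext, aad):
    """AES-256-GCM encrypt; returns nonce || ciphertext || tag."""
    nonce = os.urandom(12)
    return nonce + AESGCM(key).encrypt(nonce, plaintext, aad)


def _open(key, blob, aad):
    """Inverse of _seal; raises InvalidTag if the blob or its AAD was altered."""
    return AESGCM(key).decrypt(blob[:12], blob[12:], aad)


def opaque_name(path):
    """Keyed hash of the file path, so real names never reach the provider."""
    return hmac.new(NAME_KEY, path.encode(), hashlib.sha256).hexdigest()


def upload(path, data, metadata):
    """Encrypt data and metadata at the edge, then hand the blob to the cloud."""
    name = opaque_name(path)
    data_key = AESGCM.generate_key(bit_length=256)  # fresh key per object
    # Metadata travels inside the ciphertext (data hex-encoded to fit in JSON).
    record = json.dumps({"path": path, "meta": metadata, "data": data.hex()})
    # The opaque name is bound in as AAD, so a blob cannot be moved or swapped.
    wrapped = _seal(MASTER_KEY, data_key, name.encode())  # 12 + 32 + 16 = 60 bytes
    cloud_bucket[name] = wrapped + _seal(data_key, record.encode(), name.encode())
    return name


def download(path):
    """Fetch the blob, unwrap its data key locally and return (data, metadata)."""
    name = opaque_name(path)
    blob = cloud_bucket[name]
    data_key = _open(MASTER_KEY, blob[:60], name.encode())
    record = json.loads(_open(data_key, blob[60:], name.encode()))
    return bytes.fromhex(record["data"]), record["meta"]
```

Only `cloud_bucket` models what the provider holds: opaque names and authenticated ciphertext. Losing `MASTER_KEY` or `NAME_KEY` makes the stored objects unrecoverable, which is why key management stays the customer's responsibility.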