The latest updates from our team of experts. Find out what’s happening here at 6fusion and our take on the industry at large.
IT Security Concerns for 2013
by Steven Wolford, Director of Information Security, 6fusion
Cloud Service Providers (CSPs) found the IT security concerns around cloud hindered previous adoption. But now that many of the major players are strengthening their offerings the future looks bright…or does it?
The sunny side of the street has shown solidification in the cloud security forecast. The federal government finally announced FedRamp and listed the 3PAOs that can audit CSPs. The Cloud Security Alliance has made demonstrable progress with the Cloud Controls Matrix (CCM) and CSPs are beginning to fill out the STAR registry. Confidence levels are strengthening and organizations are much more comfortable with the cloud.
The 2013 outlook shows 100% chance of “cloudy” IT in the coming year. Cloudy IT is a terrific misnomer for the coming year. Where once fear, uncertainty, and doubt held many in check, the predictions below will highlight some IT security concerns alleviated and a cloudy 2013 that is, in fact, a welcome forecast.
Prediction #1 – the rise of software defined security (SDS)
Policy based cloud security becomes a reality in 2013. We will commonly see hosted cloud security consoles allowing each cloud user to configure their own security settings for all their agent-based and agentless security settings across public and private clouds.
Prediction #2 – the rise of disposable clouds
Remember RAID (redundant array of inexpensive disks)? Prepare to follow The Pirate Bay and adopt RAIC (redundant array of inexpensive clouds). With the dawn of SDS (see prediction #1), businesses will be able to take advantage of any cloud anywhere thereby driving prediction #3. Track the stack – ever increasing numbers of CSPs will embrace OpenStack as the foundation to battle AWS. Utility computing and consumption-based billing will make assembling a wide array of providers into a private hybrid IaaS cloud the migration method into future cloud architecture.
Prediction #3 – the rise of private hybrid clouds
Though not as quick and easy as providers would hope, organizations have, and will continue, to make strategic decisions to extend the IT environment into the cloud. Making the cloud infrastructure appear as an extension of the existing organization becomes easier because of predictions 1 and 2. The operational experience and comfort most organizations have with virtualization and those tentative first forays into the cloud will lead to substantial investments in extending the enterprise into the Infrastructure as a Service (IaaS) cloud.
Further supporting the rising cloud usage, auditors and regulatory agencies are getting more knowledgeable about cloud. PCI SSC, FedRamp, CSA have all provided a wealth of information for the audit and compliance set. Finally business will not need to fear being “out of compliance” for their cloud usage.
Prediction #4 – Not your father’s cloud
Finally, years of living with “cloud” everything business consumers will understand that cloud is not virtualization on someone else’s hardware and X-as-a-service has largely been a rebranding of existing web services. 2013 will be the year that cloud is finally understood and will not be whitewash for attempting to make an existing product or service cool and hip.
What are your thoughts? Please let me know where you see a cloudy future.