The term "cloud" has miscast IT operations as a somewhat nebulous entity, one without boundaries or walls, allowing information to flow freely from endpoint to server to endpoint. However, that implied ideal of global knowledge interchange has become one of the most dangerous enemies of data protection today. Simply put, IT managers need to understand how the cloud can become the downfall of security, especially when private clouds are part of the landscape.
The simplest way to secure a private cloud would be to keep it isolated on its own private network, physically imposing connectivity barriers that prevent interaction with other networks, or, more simply, pulling the plug on Internet connectivity. However, that approach is impractical in today's connected world, where every endpoint and device is most likely connected to the Internet and other resources.
In effect, this means that private clouds, regardless of how and where they are hosted, will always have some form of connectivity to the outside world. Of course, a properly configured private cloud will incorporate several logical and virtual barriers that are designed to prevent unauthorized access to the content contained within. That’s the theory, at least.
Nevertheless, those managing private clouds have to ask themselves a few questions, including: How can I be sure my cloud is protected from intrusion? Is my firewall, VPN or other security technology effective? How can I remediate any security problems?
The answers to those questions will dictate how to proceed toward a security posture that effectively protects the data in private clouds. In many cases, layered protection proves to be the best weapon against intrusions. By weaving together a stateful packet inspection (SPI) firewall, encrypted access (SSL or traditional VPN) and a secure login mechanism, IT managers can achieve a modicum of protection. However, some will wonder if it is enough.