The Massively Distributed Cloud Requires Massively Distributed Solutions

Featured Article by Carson Sweet, co-founder and CEO, CloudPassage

Enterprises are rapidly adopting cloud computing. We have seen large enterprises ramping up mission-critical use of cloud infrastructure, accelerating the success of cloud providers and technologies like Rackspace, Amazon Web Services, OpenStack, and VMware vCloud.

Despite rapid adoption, security remains a top obstacle to successful adoption. Enterprises are sinking a lot of money into addressing these problems – Gartner estimates that cloud security spending will nearly double between 2013 and 2017 with a 28% annual growth rate.

Those responsible for the security and compliance of these environments is that existing solutions weren’t designed for the high scale, rate of change, and broadly distributed nature of cloud environments. Solutions built for static environments and dependant on fixed perimeters can’t handle the ephemeral and distributed nature of cloud infrastructure deliver and the complexity of blending public and private infrastructure into hybrid clouds.

Bottom line, massively distributed and scalable cloud environments need a massively distributed and scalable cloud security solution.

The Promise of the Cloud

Public cloud computing means compute power and storage can be procured on a utility basis, on-demand and as needed. This makes public and hybrid cloud the key enabler for applications with highly variable compute needs, like big data analytics and consumer services.

Companies are also rapidly evolving virtualized data centers to true private clouds to gain the agility and scalability benefits of public cloud, but on their own terms. Not all applications are appropriate for the public cloud, and the evolution of data centers to private cloud models reflect reconciliation of desire for agile cloud infrastructure with the need for maximum control over infrastructure delivery.

The beauty of emerging cloud models is that it can be customized to a company’s needs. There are myriad potential models that mix public cloud, private cloud, and traditional infrastructure can be optimized to meet any balance of control, performance, scalability and agility.

The Burden of the Cloud

Security and compliance have long been a major business and technical issues impacting product delivery, speed to market, and profitability. This is especially for large enterprises, and more recently has become a core competitive concern for companies delivering cloud-based SaaS applications.

Mixed cloud and infrastructure environments need orchestration of security across multiple public cloud environments like AWS and RackSpace while handling existing privately hosted virtualization and cloud platforms like VMware and OpenStack. Traditional hardware environments can’t be left out of the equation, representing yet another environment that must have consistent, constant control.

The burden for protecting these complex environments typically falls on security teams, adding massive amounts of additional effort in environments changing from slower-moving infrastructure to rapidly moving, agile delivery of computing resources. Without a shift in security thinking and strategy, these teams just can’t keep up with the speed and scale of cloud infrastructure technologies.

Big Solutions for a Big Problem

Compute power has been the gating factor for automation of consolidated security functions at scale. To date, the security industry’s approach to scale has largely relied on hardware-accelerated appliances that do one function, or at best a few. These solutions also rely on physical proximity and fixed network topology, both antithetical to cloud-based application architectures. The result is that security teams are limited to a field of stove-piped solutions with little to no cross-functional interaction or awareness, none of which are designed to handle the broad distribution and scale of cloud-based application delivery models.

Fortunately, there is an emerging trend in leveraging the power of cloud computing for the purposes of delivering security and compliance. By aggregating security analytics and data storage into elastic cloud computing environments, a large number of controls can be centrally provisioned, monitored and orchestrated. Cloud power can also tear down stovepipes between traditionally disparate controls, making it possible for security mechanisms to be directly integrated and aware of one another.

Security solutions using cloud computing and big data technologies to consolidate control automation can dramatically reduce the enormous effort of operating multiple security and compliance tools across multiple computing delivery environments. In this regard, cloud computing and distributed application models are poised to become key enablers of next-generation information security solutions.

About Carson Sweet

Carson Sweet is the co-founder and CEO of CloudPassage. His information security career has spanned nearly two decades and includes a broad range of entrepreneurial, management and hands-on technology experience. Follow Carson @carsonsweet and CloudPassage @CloudPassage on Twitter.