The Cloud is not That Insecure
I am sure that by now you’ve seen/heard a lot of rants about how insecure cloud technologies are, etc. What worries me is that these claims are made by people who have never worked with cloud technologies and therefore have no clue on the subject whatsoever.
All of these claims actually have a common root. It is only logical to think that Gmail perhaps is less secure than your self-hosted email solution, for example. After all, in the case of Gmail, you do not have control over the software and as such it should be less trusted. But trusting something less does not necessarily means that it is less secure. On the contrary, very often you may find that the technologies that you usually trust are in fact the least secure ones.
Cloud technologies are in fact no different than non-cloud technologies. Practically they are the same. I mean the term
cloud computing is quite broad and perhaps it is even a buzword rather than a well-thought term which describes a particular study of the IT field. To me
cloud computing refers to the process of outsourcing computer cycles and memory keeping scalability in mind.
Cloud technologies are actually not that insecure. Let’s have a look at Amazon EC2 and S3 for example. Amazon’s cloud computing technologies are rock-solid really. You can run your own customized image with a full root access. You can have your own ingress firewall which in fact works really, really well. You also have a very granular and full-featured access control for every single file you host on S3. And the best thing is that none of Amazon’s resources can be accessed with simple username/password credentials but rather with a CERT, a PUBLIC KEY, an ID (pretty long string), a Security ID (even longer) and of course if you want to actually login to your instance and start doing something useful with it, you have to generate yourself another PUBLIC/PRIVATE keypair just for SSH. On the top of that the keypair can be registered only once, which means that if you loose your key than you basically have no choice but to shutdown the image and register a new keypair, which is unfeasible to do from the point of view of the attacker because in order to do that you need to have the CERT, the PUBLIC KEY and everything else I listed above.
To me, this is pretty insane security and I can guarantee you that your home-grown solution will be hundreds of times less secure.
Cloud computing is trying to solve a very old and quite painful problem – computer resourcing. The way cloud vendors are doing this is be providing common features/framework to all of their customers so that they can expand or shrink their resources as needed. In case of security, if the vendor comes up with a rock-solid security model which actually works, than the good news is that you don’t have to invest any money for reinventing the wheel. Similar types of operational models actually work today in other man-made systems.
Cities! Aren’t day the equivalent of cloud computing? I think so. All the resources are at the same place. All the info is constrained in the same system but somehow it is separated and preserved between the various entities which compose the city. Would you feel more secure if you go to leave in a cabin in the woods? Perhaps not! Why? Because you wont find help if you need some. There are no 24/7 police patrols or hospitals, etc. Perhaps this is not a good analogy but I am sure you know what I mean.
Every once in a while we find some major bug in Gmail and we start ranting about how awful this is and how the cloud data is so insecure. But some of you fail to admit to yourselves that at least you don’t have to do anything to fix the damn bug. The vendor will dispatch resources and the bug will be fixed in a couple of minutes. I would say that I have a pretty good experience with testing corporate networks and I will tell you one thing, bugs do not get fixed so quickly. Actually, they rarely get fixed. Perhaps the cloud is more secure!
Let’s have a look at another cloud technology which some of the security gurus will simply proclaim as freaking insecure even without looking at it for a couple of minutes – Google App Engine. Google App Engine is not exactly Amazons EC2 but it is pretty close. The cool thing about App Engine is that it comes with a good API which makes your job as a developer very trivial. There are still chances to make a mistake but the API is so good that if you follow some very basic guidelines you should expect a good and quite secure product at the end.
For example, let’s look at how the auth system is implemented in App Engine. If you decide to write an App from scratch than you have to worry about authing your users in the most secure way possible. You need to provide, password reset mechanisms, lock-outs, good session management, etc, etc, etc. This is pretty hard to do actually. But in the case of App Engine, you don’t have to worry about any of these because by default you can authenticate all the users through Google’s Single Sign-on authentication mechanism which is not bad at all. You can access this feature with a single call to the API or better yet with a simple change of your application config file. I must say that this is pretty awesome.
So, is the cloud secure? I would say yes, if you know what you are doing. A couple of posts back I mentioned that cloud security matters. It still does. Cloud technologies are quite secure because we tend not to trust them. However, because cloud computing can be quite confusing, you still need to spend time in making sure that all the blocks fit together nicely and securely.