In my last blog post, I identified some subtle but important security problems facing organisations deploying private cloud technology. In this, the second of a three-post series, I’ll explain how to tackle those problems.
We have shown how IT departments must pull back the veil of the private cloud to understand what is happening, so that they can help to make their data more secure. But before we talk about how to do that, we must understand what security means in the cloud.
Navigating security effectively requires a map. The map is a simple one, with only three points, but it’ll guide any IT department to security success through the murky private cloud. The map is the information security triangle, and the three points are confidentiality, integrity, and availability. For data to be considered secure, it must be assessed against all three of these points.
If these three points are destinations on the security map, then proper log management enables you to chart your route. Log management in the cloud enables you to keep track of what happens to your equipment, and what the users of your cloud-based architecture are doing with it.
Log management touches all points of the security triangle, starting with confidentiality. If your logs show that someone is accessing information that they are not supposed to, then that is a confidentiality issue.
Data access also has implications for integrity. The integrity of data is linked to how it has been changed, and by whom. IT departments want to ensure that only authorised personnel and applications are granted access to the data, so that its integrity remains intact.
Logs also let IT departments monitor and even anticipate availability issues. If, for example, computing or storage capacity is far less than it should be at peak times, then this becomes an availability issue, because it suggests that key system resources may become unavailable if the trend continues.
The points on the information security triangle may be discrete, but they can affect each other. For example, an availability issue could be a symptom of an underlying confidentiality problem.
If network capacity is lower than normal, then this represents an availability issue. However, further analysis might show that the network is being flooded by a single device broadcasting unusual amounts of traffic through a little-used port. This could indicate that the machine has been compromised by malware, which could suggest a confidentiality breach.
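The analysis described above, as an added example that is not part of the original post or any LogLogic product: a short Python script that aggregates flow records by source and port, then flags a single device that dominates traffic on a port few other hosts use. The log format, addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample flow records: time, source, destination, dest port, bytes.
SAMPLE_LOG = """\
09:00:01 10.0.0.11 10.0.1.5 443 52000
09:00:02 10.0.0.12 10.0.1.5 443 48000
09:00:02 10.0.0.13 10.0.1.9 445 30000
09:00:03 10.0.0.27 10.0.255.255 6667 900000
09:00:04 10.0.0.11 10.0.1.9 445 21000
09:00:05 10.0.0.27 10.0.255.255 6667 850000
09:00:06 not-a-flow-record
09:00:07 10.0.0.12 10.0.1.5 443 61000
"""

def parse_flows(text):
    """Yield (src, dport, nbytes) tuples, skipping malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5 or not (parts[3].isdigit() and parts[4].isdigit()):
            continue
        yield parts[1], int(parts[3]), int(parts[4])

def find_flooders(text, min_share=0.5, max_port_users=1):
    """Return hosts that send >= min_share of all bytes through a port
    used by at most max_port_users distinct sources (a little-used port)."""
    by_host_port = defaultdict(int)   # (src, dport) -> bytes sent
    port_users = defaultdict(set)     # dport -> distinct sources seen
    total = 0
    for src, dport, nbytes in parse_flows(text):
        by_host_port[(src, dport)] += nbytes
        port_users[dport].add(src)
        total += nbytes
    findings = []
    for (src, dport), nbytes in by_host_port.items():
        share = nbytes / total if total else 0.0
        if share >= min_share and len(port_users[dport]) <= max_port_users:
            findings.append({"host": src, "port": dport, "bytes": nbytes,
                             "share": round(share, 3)})
    return sorted(findings, key=lambda f: f["bytes"], reverse=True)

if __name__ == "__main__":
    for f in find_flooders(SAMPLE_LOG):
        print(f"{f['host']} sent {f['share']:.0%} of traffic via port {f['port']}")
```

A finding here is a lead for investigation, not proof of compromise: the availability symptom tells you where to look, and the per-host, per-port breakdown tells you which machine to examine.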
If confidentiality, integrity and availability constitute the three points of the security triangle, then effective log management lies at the centre, binding them together. How can log management be used effectively in the private cloud? Stand by for my third and final post to find out.
Guy Churchward is President & CEO at LogLogic. He joined the company from NetApp, following senior positions at Sun Microsystems, Santa Cruz Operations, Accenture and Olivetti.