Security for IT has always been based on keeping people out of the data centre.
However, with cloud computing becoming more prominent, this pattern needs to change.
So claims Rik Ferguson, senior security advisor for Trend Micro, who told a Westminster eForum held in London this morning that the technology security industry had to adjust.
"The security model traditionally has been one of outside in, [with] a strong perimeter and different layers behind that, always focusing on the intruder coming in," he said.
"With cloud we have to change the way we think. It is inside out security about security systems, access rights, data and the whole chain as at that point the data can exist anywhere."
Trevor Dearing, head of enterprise marketing for Juniper Networks, agreed that the model needed to change, comparing the current one to a castle and the future to a hotel.
"The model is changing. Before we had a castle and built a moat around the data centre... but in the world of virtualisation everything moves around," he added.
"Security policy was traditionally built around the idea of being behind a firewall. The challenge with cloud is it can change from minute to minute, second to second... and the model is something more like a hotel where security acts as a service."
Security experts have the attitude that if you are not sure something is secure then just don't do it, which just cannot continue with cloud computing, according to John Colley, managing director of ISC2 in Europe.
"The business case for cloud computing is very compelling and it will happen with or without information security's blessing," he said.
"The role for them to do is work out how to do it securely [and] look at how things can be done instead of why things cant be done."
Ferguson controversially concluded the debate saying: "The reason I think cloud is absolutely a viable model [is that] it has already been adopted by criminals and they are the leading edge adopters."
"They see the power, scalability, availability and in their case for them anonymity of this technology and want to use it."
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Lateral moves in tech: Why leaders should support employee mobilityIn-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
-
Trend Micro Vision One™ cloud security - Product reviewWhitepaper Trend Micro Vision One™ cloud security - Product review
-
Trend Micro Vision One™ cloud security reportWhitepaper Trend Micro Vision One as a solution to cyber risks
-
Mapping the digital attack surfaceWhitepaper Why global organizations are struggling to manage cyber risk
-
Solving the attack surface risk management challengewhitepaper Enable clear communication and mitigate cyber risks
-
The secure cloud configuration imperativeWhitepaper The central role of cloud security posture management
-
Trend Micro aims to seamlessly secure file storage in the cloudNews The cyber security firm's new service will scan and quarantine files natively in Amazon's cloud
-
Trend Micro launches 'industry first' cloud encryptionNews With Trend Micro SecureCloud, users are handed the keys to their cloud encryption.
-
Security firms plug virtual security holesNews New tool helps security companies and businesses protect against the threats they can't see as well as the ones they can.
