Neil MacDonald

A member of the Gartner Blog Network

Neil MacDonald
VP & Gartner Fellow
15 years at Gartner
25 years IT industry

Neil MacDonald is a vice president, distinguished analyst and Gartner Fellow in Gartner Research. Mr. MacDonald is a member of Gartner's information security and privacy research team, focusing on operating system and application-level security strategies. Specific research areas include Windows security…Read Full Bio

Coverage Areas:

Security Thought for Tuesday: Cloud Computing Should be a More Secure Model

by Neil MacDonald  |  August 11, 2009  |  9 Comments

A computing paradigm based on the exchange and execution of arbitrary code is inherently risky.Yet, that’s pretty much the foundation of what we do today with personal computers. Consider that this model is the primary reason we pay billions of dollars to AV vendors to scan our machines for known malicious executable code. Consider that today most malware today is web-based – malicious executable code downloaded from the web onto the end-user’s machine and executed. In most cases, because the user was tricked into doing so. Sure, some baseline of local executables are needed for the OS and perhaps some personal productivity applications that require offline access. I can use whitelisting to control these. But do we really need the ability to download and install arbitrary executables for new types of functionality and services on our desktop?

With Cloud-based application services, I consume minimal executable code. Instead, I consume a service. The Cloud-based application provider runs the application code on the back-end. What little (if any) executable code I need locally is typically in the form of Javascript, Flash or Silverlight for a richer experience in the browser. Longer term, even this could be largely eliminated with the adoption of HTMLv5. Assuming I protect my information being processed and stored (which isn’t a given but should be our primary focus to begin with) and the application code they run has been tested for security vulnerabilities (again, not a given but a matter of due diligence on our part), shouldn’t a services-based Cloud Computing application model inherently deliver a more secure computing paradigm?

9 Comments »

Category: Application Security Beyond Anti-Virus Cloud Information Security     Tags: ,

9 responses so far ↓

  • 1 Saqib Ali   August 12, 2009 at 12:36 am

    I agree. Wholeheartedly.

  • 2 Maty Siman   August 12, 2009 at 5:40 am

    Totally agree.
    The model of separating executable code from different sources, which is at the heart of the services/cloud paradigm, inherently provides better level of security.

  • 3 David Lingenfelter   August 12, 2009 at 12:41 pm

    The cloud can be a confusing place for most people, even those in IT. The “what” is still being defined even as people are starting to use it. We’ve talking about cloud computing plenty of times on this blog in the past, but let me put my definition out there simply: Cloud computing is the use of servers outside the LAN to host information and resources which can be accessed from anyplace on the Internet. In our business, we use cloud computing to help businesses better serve and secure their mobile workers (which is pretty much all of them these days) by putting their management and monitoring of their mobile devices in the cloud where their mobile workers live.

    The key word here – for us and our customers – is secure. The Internet has been deemed “the Wild West” – home to porn, predators, viruses and petty crime. So how could it possibly be a suitable replacement for the LAN? Well, it can and it is. And to make sure IT people around the world know how to identify and implement secure cloud computing solutions, the Cloud Security Alliance was announced earlier this year at the RSA Conference.

    The CSA is a collection of the finest minds on cloud security in the world, including leaders from Symantec, Dell, and Salesforce.com. I reviewed the initial draft of the CSA’s Security Guideline document and found it to be well thought out and very broad in it’s spectrum of domains being covered. So I decided to become involve and help further develop details within the guideline. With my background in security and working at a SaaS provider I have some pretty good insight in to the trials and tribulations of working within the cloud model.

    Basically, when version 2.0 of the guideline is complete around October, IT managers around the world will know what to look for in a cloud computing vendor. The guideline will cover domains from Governance and Legal, to Datacenter Operations and Business Continuity. It will include provisions and guidelines for Compliance and Audits as well as Incident Response and Remediation. It will also cover areas of Storage, Encryption and Identity Management among others. Basically it’s going to be the foundation for how cloud vendors should function and what IT managers should look for in a strong reliable cloud solution. Yes, this will upset those trying to build cloud solutions quickly and cheaply. It’s a small price to pay.

    Imagine a time before medical school and licensed doctors – you would never know if the surgeon you were seeing practiced legitimate medicine or was actually a witch doctor. Not exactly the way any of us would operate. The same is true with cloud computing. If you’re going to move your valuable assets into the cloud (because the productivity, cost, energy, etc. advantages are really that great) you better be able to recognize the professionals. The Cloud Security Alliance intends to be the source of resources needed so even the most inexperienced person will have the tools they need to securely move into the cloud.

  • 4 Vic Wheatman   August 12, 2009 at 1:05 pm

    John’s Podcast on this topic is up and running on Gartner.Com, available to Gartner clients.

    http://my.gartner.com/portal/server.pt?open=512&objID=256&mode=2&PageID=2350954&resId=1116613&ref=Listen

  • 5 Govind Davis, MCF Tech   August 12, 2009 at 8:48 pm

    By consolidating the execution of code and effectively taking it out of the hands of the end user PC it certainly seems that there should be a security benefit due to a more sophisticated owner of the executable code.

    One of the big questions/challenges of security is how much is enough. We have been working recently to connect the PaaS to QuickBase to Docusign and Equifax using Talend as an ETL intermediary. The biggest challenge in connecting services is navigating the security nuances.

    It may be overly idealistic, but it would be great to see sokme basic cloud security standards that address the critical security needs but support the ability to easily create authorized connections.

  • 6 Neil MacDonald   August 13, 2009 at 3:13 pm

    Govind,
    By Cloud security standards do you mean something higher-level than WS-* (and realistically, the subset within WS-I)? Or do you mean policy-exchange (a tough problem and one where WS-Policy hasn’t taken off…)? Or something else?

  • 7 Govind Davis, MCF Tech   August 17, 2009 at 9:09 am

    Neil … thank you for the direct response.

    My vision of web connection security has a specific flavor given that MCF Tech is an organization of business professionals who provide technology services as opposed to being purely technologists. From this perspective, my leaning is strongly toward REST interfaces, where authentication is contained in the HTTP header and the content communicated in the multi-part body, ideally as XML.

    My challenge with WS is that it’s quite difficult to decipher the requirements and it’s not really widely adopted. If I had to make a prediction, I see REST as the way forward due to it’s simplicity and wider current use, even if it may be technically less sound.

  • 8 Neil MacDonald   August 18, 2009 at 4:16 pm

    Yup, the punch line goes like this — that’s why we call it WS-”*” – the * being shorthand for “there are too many of these standards to list”. The complete set is so broad that it is possible to create systems that conform to the specs, but don’t interoperate. That was the goal of WS-I – to try and slim this down to a subset that actually works.

    “Good enough” RESTful protocols and standards have the momentum from my perspective and that would include passing basic security information. Looking at what’s next — I believe we’ll need more than single site authentication as as applications span on-premises and Cloud-based environments. We need security federation capabilities and SAML (which is not a WS-* standard per se but can be carried within it) has the most momentum and can be implemented using RESTful or SOAP-based protocols.

  • 9 The Evolution of Cloud Security   February 25, 2010 at 6:54 pm

    [...] than we can with our own on-premises equipment. Not only because Cloud-based computing should be an inherently more secure computing model, but for using the Cloud in ways that we can’t readily do with on-premises equipment. I’d be [...]