Clear skies ahead: cloud computing and in-the-cloud security

Kaspersky Lab, a leading developer of secure content management systems, announces the release of its latest analytical article "Clear skies ahead: cloud computing and in-the-cloud security" by Magnus Kalkuhl, the company's senior regional researcher in Germany. This article aims to provide a better understanding of the technologies and issues related to cloud computing. It discusses how cloud computing and in-the-cloud security are two terms which are often confused and offers an overview of the benefits and risks in both areas.

The first part of the article examines how cloud computing originated with the mainframe/ terminal model and the issues such as cost and computing power which have meant that this model could not be widely used. However, rapidly evolving technology now makes it possible for smaller businesses without significant financial resources and for home users to take advantage of the benefits offered by cloud computing: the provider offers high performance resources which would otherwise be too costly and also takes care of all software and hardware issues. Also addressed is how cloud computing will benefit the content industry by making it more difficult to illegally copy music, movies etc.

There are clear risks associated with cloud computing. Data leakage is an increasingly common problem, and the range and variety of data stored by cloud computing providers would mean that any data leak could have a very significant impact. Additionally, malware writers and hackers will inevitably target cloud computing services in search of data to steal, sell or manipulate. As cloud computing will become an essential business tool (much as email is today), standards and legislation will be introduced to regulate the providers and mitigate risk.

The second part of the article provides an overview of how in-the-cloud security works. This type of outsourced security service can be used to either filter traffic before it is transmitted onwards to the end user, or as an element in desktop security solutions; the author focuses on the benefits and drawbacks of the second approach.

A huge increase in the number of malicious programs has led to a corresponding increase in the number of signatures used by antivirus products. This increase results in higher memory consumption, increased download traffic and reduced scan performance. In-the-cloud security addresses these issues by storing all the data needed to detect programs already identified as malicious on the provider’s servers, rather than the user’s computer, freeing up desktop resources and removing the need to constantly update the desktop solution. Other information used to detect threats (such as malicious URLs, spam keywords and program profiles for use in HIPS systems) can also be delivered in this way.

Other benefits include improved response times (once a file has been identified as malicious, this information can be immediately accessed by users) and two-way communication between the antivirus vendor and the end user. Key information about a potentially malicious file can be quickly and easily transmitted to the antivirus vendor’s analysts; multiple reports of a file which appears on thousands of computers at once make it likely that the file is malicious and following analysis detection can be rapidly rolled out in order to combat an epidemic.

The downside to in-the-cloud security is that some of the methods used (such as the statistical monitoring referred to above) can result in increased false positives. Antivirus vendors therefore have to take steps to combat this, and this increases their workload. Providers also have to ensure their servers are absolutely stable, as server downtime leaves users unprotected, in contrast to traditional desktop solutions.

In-the-cloud technologies are already being used in some antivirus solutions, and businesses are starting to accept the principles of cloud computing. As time goes on, the two areas will merge, with individuals and organizations using cloud computers protected by in-the-cloud security services.