Many appliances have packet-inspection settings that are designed to fail on, said Joe Anthony, Director of Security Product Management for IBM. If the device is overwhelmed with peak traffic or by, say, a flood of rich media, the bulk of the traffic will, by default, pass through with only small samples inspected for threats.
This shortcoming will typically be logged, alerting administrators to the problem, but how many will actually follow up? Anthony recommends IPS solutions with 20 GBps capabilities, at minimum, for public cloud environments.
Trust is another major concern. In the cloud, previous outsiders quickly become insiders, said Mike Gault, CEO of GuardTime, a provider of keyless signatures used to validate the integrity of data. There is no distinction between the two. With all of the new risks inherent with cloud computing, its especially important to recalibrate trust. To be blunt, you really cant trust anyone anymore.
This means having security in place for data protection and integrity, to protect against data loss and to secure the application layer, not just the network and access.
With that sort of upheaval, though, comes uncertainty. You can be pretty confident that the old vendors you know and trust (and sometimes loathe) will be around to support and service you. If one of them implodes, thats not even such a big concern because ISVs and various consultants will be able to step in.
Stability in the cloud is something that is still a ways off. Were a cloud provider, but a question we ask before adopting cloud or SaaS internally is are you going to be around for the long haul? said Aaron Levie, co-founder and CEO of Box, a cloud content management provider.
If its a startup, how well are they funded and by whom? What is their exit strategy, be it independence or acquisition? How sound is the business model?
Of course, I asked Levie how he answered that question for Box. Were focused on being independent. Period, he said. Levie noted that the companys recent $48-million round of VC funding will be used to build out infrastructure, recruit more high-profile senior executive talent, build out a larger IT and support staff and expand the service portfolio. They currently have over 5 million users, and count more than 6,000 companies as customers, including 73% of the Fortune 500.
How often do you ask vendors about financials and its business model? In the cloud, its a question you neglect at your own risk.