In my last post I discussed the architectural implications of a hybrid IaaS environment. While server mobility increases the tools we can leverage in deploying our infrastructure, there are obvious security concerns with moving a server across the perimeter.
Luckily we have a historical model we can leverage while deciding how to best go about reducing risk in a hybrid IaaS environment. One only needs to look back at what happened with personal computers in the 90’s to see what must be done to mitigate hybrid security risks.
Way back in the early 90’s the primary workhorse was the desktop system. This provided you with access to network resources, but kept you chained to your desk while doing so. From a security perspective, this was a good thing as it permitted the IT staff to deploy network-based security solutions. For example, a single firewall could be deployed which would protect all desktops at the same time. This provided consolidation of resources and a single point of security management for all systems. If you needed remote access from your home computer, you simply “dialed in” via a modem pool that would plop you on the backbone of the network.
Then the laptop was invented and things began to change. “Working” was no longer confined to a single physical location. For example, a traveling salesperson could be productive from their corporate office, at home, in a hotel room, or even from a client site. Physical locality was no longer a constraint on performing work duties. The mobile employee was now free to select the best physical location for getting the job done.
The problem, of course, was that as soon as the laptop was moved outside of the corporate network, all of the network-based security solutions being leveraged to reduce risk became completely ineffective for that system. The best corporate firewall on the market was helpless to protect a laptop located outside of the corporate infrastructure.
A couple of points of note here. To start, we could have decided that exposing a laptop to the Internet created an unacceptable level of risk, and attempted to ban the activity. Certainly many in the security industry at the time adopted this posture. The problem with taking such a stance is that you can be perceived as an inhibitor to innovation. If the benefits are perceived as being great, the organization will simply do an end run around you. Saying “no” without offering any kind of mitigation compromise was (and can be) considered a career-limiting move.
Further, when laptops were first directly connected to the Internet, tools to secure them were limited. As the practice picked up momentum, vendors brought additional products to market in order to fill the security gaps. So while in the early 90’s AV software was your only option for protecting an exposed laptop, by the end of the 90’s you could also deploy personal firewalls, VPNs, host-based intrusion detection/prevention, etc. So we detached from network-only security solutions and deployed risk mitigation tools closer to the asset we wished to protect, namely the laptop itself.
If you think about it, hybrid IaaS is currently in the same state as laptops of the mid 90’s. The benefits of workload mobility are just starting to be realized, but security is an issue as products are just starting to hit the market. By the way, this is the gap CloudPassage fills, as it provides risk mitigation regardless of whether you need to secure a public IaaS, private IaaS, or stand-alone server or workstation workload, all through a centralized interface.
These changes in how we apply security are just the tip of the iceberg, however. We’ll dig in deeper over the next few posts.