To move securely to the cloud, maintain a virtual air gap

In enterprise environments, people are getting serious about cloud computing. An IDC survey found that 44 percent of respondents were considering private clouds. So what’s holding people back? In a word: security. To move to a cloud (private or public) environment, you must be sure you can protect the security of applications and the privacy of information.

These requirements are particularly rigid if you are subject to PCI-DSS regulations for credit card transactions or HIPAA (Health Insurance Portability and Accountability Act) regulations for medical records. Compliance depends on your ability to maintain the privacy of the information, generally through isolation of storage systems, networks, and virtual machines.

To achieve this level of security, an “air gap” is often used to ensure sensitive systems are isolated. This approach works but severely limits your flexibility and ability to adapt to changing conditions. So perhaps we should consider instead a “virtual air gap.” Let’s look at how you might maintain this virtual separation of systems.

Storage isolation: One way to implement storage isolation is to encrypt data when it is in motion and at rest in the cloud environment. Another best practice is the striping of data across systems. This approach breaks blocks of data into multiple pieces that are spread over different disk drives that exist in different administrative zones. This helps protect you from rogue admins, who could access only a fraction of a file, rather than the whole.

Network isolation: Sensitive applications should be placed on a controlled VLAN. You then put mechanisms in place to monitor the configuration of routers and switches to verify that no unauthorized changes have taken place.

Virtual machine isolation: Virtual machines implement the “air gap,” but the quality of the gap is only as good as the hypervisor version and its configuration. How can cloud providers prove that they are using the expected versions on the expected hardware? A hardware-based root of trust that provides evidence of the hardware and software in use is a powerful tool for this challenge. It gives you a hardware-level mechanism to attest to the configuration of the hypervisors and to enable the isolation and safe migration of virtual machines (to other trusted platforms).
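The attestation check described under virtual machine isolation, as an added example that is not part of the original article. It assumes a TPM-style measured boot, where each boot component's SHA-256 digest is extended into a register, and that the reported register value arrived in a quote whose signature has already been verified. The component names, allowlist and sample digests are constructed for illustration.

```python
import hashlib
import hmac

def measure(blob: bytes) -> bytes:
    return hashlib.sha256(blob).digest()

def extend(register: bytes, digest: bytes) -> bytes:
    # TPM-style extend: the register can only be folded forward, never set.
    return hashlib.sha256(register + digest).digest()

def replay(event_log) -> bytes:
    register = bytes(32)  # register starts as all zeros at boot
    for _component, digest in event_log:
        register = extend(register, digest)
    return register

def verify_host(event_log, reported_register, allowlist):
    """Return (trusted, reason) for one host's attestation evidence."""
    # 1. The log must reproduce the hardware-reported value, or the log is lying.
    if not hmac.compare_digest(replay(event_log), reported_register):
        return False, "event log does not reproduce reported register"
    # 2. Every measured component must be an approved build or configuration.
    for component, digest in event_log:
        if digest not in allowlist.get(component, set()):
            return False, "unapproved " + component
    return True, "ok"

def may_migrate(target_evidence, allowlist) -> bool:
    # Only move a VM to a platform whose evidence verifies.
    log, register = target_evidence
    return verify_host(log, register, allowlist)[0]

# Constructed sample data (not real firmware or hypervisor images).
FIRMWARE = measure(b"firmware-build-A")
HV_GOOD = measure(b"hypervisor-approved-build")
HV_OLD = measure(b"hypervisor-outdated-build")
CONFIG = measure(b"iommu=on;debug=off")
ALLOWLIST = {"firmware": {FIRMWARE}, "hypervisor": {HV_GOOD}, "config": {CONFIG}}

good_log = [("firmware", FIRMWARE), ("hypervisor", HV_GOOD), ("config", CONFIG)]
old_log = [("firmware", FIRMWARE), ("hypervisor", HV_OLD), ("config", CONFIG)]
GOOD_HOST = (good_log, replay(good_log))
OLD_HOST = (old_log, replay(old_log))      # honest log, outdated hypervisor
LYING_HOST = (good_log, replay(old_log))   # log claims the approved build

if __name__ == "__main__":
    for name, host in [("good", GOOD_HOST), ("old", OLD_HOST), ("lying", LYING_HOST)]:
        print(name, verify_host(host[0], host[1], ALLOWLIST))
```

The third case is the one that matters: a host that reports an approved event log while having booted something else fails because the log cannot be made to reproduce the hardware-held register value.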

Audits: Having a sound security practice is good, but in reality we have to implement an audit to sample the point-in-time processes and technology. Standards such as ISO 27002 for information security and SAS 70 for maintenance of internal controls can help. Also, the Cloud Security Alliance has a solid collection of best practices for security in the cloud.

At a high level, these are just some of the steps you can take to implement and maintain a “virtual air gap.”