Is security the next big cloud app?
- Summary:
- 2016 saw many types of security problem. Is now the right time for security in the cloud as a service? Perhaps.
That’s a good question. I will argue that the solution needs to involve both hardware and software and it likely needs to leverage the technology that has made it so hard to keep private data private, the Internet.
Prior to the Internet, security was a given. Few people had capable hardware or the software to penetrate an enterprise system unless they were willing to write a lot of code. If you were lucky enough to get through an enterprise’s security wall, the 10 or 20 MB drive on your computer wouldn’t allow you to take much. That was a long time ago.
Today for short money anybody can get the technology needed to hack a system in a major way, which is why so many state actors like Romania and North Korea can readily engage in various types of cyber warfare. It’s cheap, easy and provides great bang for the buck— much better than having to equip and support traditional armed forces for instance. Den Howlett recently talked about this issue in a recent story and Kurt Marko has talked about 'non existent security' in an IoT world.
To date, most commercial security software aims at intercepting intruders before they can do harm and the stuff that corporations use isn’t significantly better. Part of the problem is that the really successful or catastrophic—depending on your outlook—attacks in the news in the last year have involved dummy inducements designed to get unsuspecting victims to turn over their credentials. People often don’t even realize they are participating in robbing themselves.
Once inside an enterprise’s servers rogue software can do things like finding files and then using the system’s own resources to “call home” and export secret data. Often the rogue software can operate for months before being discovered and in recent incidents such as the hacking of the DNC, it can take even longer to take action. By then the target organization has been stripped of its secrets leading to unpleasant outcomes everywhere. But that’s not all. Rogue software can disguise itself and make a nice home on the server’s hard drives where it can be difficult to identify or eradicate.
The security paradigm is not inadequate for the problem at hand. If you need to give it a label, call it security 1.0, a largely reactionary approach to problem solving that will always be one step behind the bad guys. So the real question is what does version 2.0 look like? Here are some attributes of a version 2.0 security paradigm that I like.
- Complete ability to encrypt all data before, during, and after use. Encryption/de-encryption codes and algorithms should be mutable but only by the silicon of the server. Change should be constant at a rate precisely faster than bad actors, even with powerful processing of their own, could decipher earlier keys. This is the strategy used in multiple drug protocols that attack the AIDS virus for instance.
- Silicon based check-in, checkout for all data and programs. Checking in a program should have the same silicon based procedures as data check-in thus denying foreign or alien software access to the system.
- Eliminating the hard drive in the private data center. Hard drives should only be used by security providers as I will explain below.
- Quickly evolve a new class of product category for security. This category would not be in the business of alerting about break-ins nor should it be about remediation after a breech. Its sole mission should be completely eliminating the possibility of a breech and in the event of a failure, isolating the invader so that further damage cannot happen. Think of bank robbing. There are laws against it but robbers still exist. Law enforcement’s effort is directed at discouraging but if that fails, isolating and quickly capturing perpetrators.
Full disclosure, these points are attributes of Oracle’s M7 Supercluster technology and while this piece is not intended as an advertisement for Oracle, it points t0wards a path to greater security.
The first two points are available today the third will raise some eyebrows. It is important not simply to promote better security but also because the hard drive is being made obsolete anyhow.
Advances in solid state drives has brought commercial quality products to market that are high capacity, fast, cool, and reliable. How many of us have drives in the appliances we call phones but that operate as computers? Zero.
Moving this paradigm to larger computer systems simply reiterates the maxim of developing software for the small screen first; with that done, we should consider the same for enterprise hardware architecture.
A more important reason for eliminating the hard drive is performance. Regardless of how much memory is used to buffer I/O, systems are still hobbled to some degree by the relative slowness of disk I/O, which occurs at millisecond speeds while silicon operates in nanosecond increments.
Finally, and most importantly, eliminating the hard drive will speed up processing overall so that enterprise systems can afford the small lag time that encryption regimens will require.
It’s hard to see how any but the very largest enterprises will have the budget and personnel to do all of this, which brings us to point four, the security vendor.
In some ways the security vendor model is a direct descendant of the cloud computing model with the key difference being that cloud vendors run the whole show enabling users to act like consumers of their products. However, the cloud computing vendor model might not be adequate in all cases.
Recall that much of the hacking e.g. the DNC and Clinton campaign, the upheaval that resulted was over hacked email systems from commercial vendors like Google. In addition, over the last 2 years Yahoo had to admit that 1.5 billion email customers were hacked.
The era of free email might need to end because vendors treat these systems as loss leaders or venues where they can post lucrative ads paid for by sponsors. But there’s a limit to the amount of security they can provide gratis.
So if security is not top of mind in email then the free-email model is no longer appropriate and any enterprise worth its ticker symbol would have to think carefully about trusting its information to this largely laissez faire model.
My take
You might say why not just move the data center to the cloud by engaging a cloud infrastructure provider. This would work if the cloud IaaS vendor beefed up security in the steps outlined here. But moving to the cloud does not assure the security steps noted here and many organizations may not be ready to make the migration.
Enterprise vendors are still largely transitioning from on-premise to cloud systems, a process that Oracle, a company with a huge legacy base, expects to last at least ten years. So the security vendor might simply be a transition point, a way for existing enterprise systems to be protected during the move to the cloud where security would be better because cloud vendors have the resources to do the job.
If that means the lifecycle of the security vendor is ten years, so be it. They could morph and do other things too. It won’t be the first time a new technology had a relatively short lifespan. Remember mini-computers?