Cybersecurity In The Cloud: How Does It Stack Up Versus Traditional Systems?

2/28/2018
By Phil Rainsberger

In the early days of computing, when the only computers available for businesses were mainframes, cybersecurity wasn't much of an issue because mainframes weren't connected to networks. Pretty nice alternative to today's horrific breaches and intrusions, right?

But the tradeoff—and it's an enormous one—is that when data and information are locked up in a single system with no way in or out, the business value of that data and its utility for a business are sharply limited. So as we've moved over the past few decades from rock-solid mainframes to computing devices that are increasingly smaller and more power and more widespread and more interconnected, we've gained enormous value from having vast amounts of data at our fingertips—but we've also dramatically increased our potential exposure to cybercrime.

In such a climate, cloud providers have had to devote more money, time and focus to data security and information security than ever before—because they're making the promise to businesses that business data can be protected with greater assurance in the cloud by experts than it can be within corporate data centers staffed by IT teams already burdened by overwhelming workloads.

Microsoft, regarded by many as the world's leading provider of cloud services for businesses, has recently demonstrated its commitment to providing world-class cybersecurity for its Azure Cloud customers via a sweeping initiative called "Confidential Computing." And that's becoming a major initiative within the company's overall investment in cybersecurity of $1 billion annually.

For cybersecurity in the Azure Cloud, Microsoft is focusing on the following:

•strict physical datacenter security;

•ensuring data privacy;

•encrypting data at all times and in all of its states, whether "at rest" or "in transit";

•advanced research into deploying machine learning for better thread detection; and

•strict processes and controls during the development of all Microsoft software.

Microsoft's Chief Technology Officer for Azure, Mark Russinovich, said recently that for the past four years, the Azure team has been working with cybersecurity experts within Microsoft's Research team, its Windows Team, its Developer Tools team, and with chip-maker Intel to optimize this Confidential Computing security across all relevant software and hardware technologies.

"Confidential computing offers a protection that to date has been missing from public clouds: the encryption of data while in use," Russinovich explained in a recent blog post. "This means that data can be processed in the cloud with the assurance that it is always under customer control."

As more and more businesses come to regard their data as among their most-valuable assets—and some believe it is the #1 most-valuable asset—it's understandable that a shift to a new foundational technology like cloud computing can raise a lot of doubts in the minds of business leaders tasked with deciding how and when to jump into the cloud.

To those decision-makers, Russinovich offers the following assurance for what Microsoft's new Confidential Computing can provide in the cloud:

"Despite advanced cybersecurity controls and mitigations, some customers are reluctant to move their most-sensitive data to the cloud for fear of attacks against their data when it is in-use. With Confidential Computing, they can move the data to Azure knowing that it is safe not only at rest, but also in-use from the following threats:

•Malicious insiders with administrative privilege or direct access to hardware on which it is being processed;

•Hackers and malware that exploit bugs in the operating system, application, or hypervisor; and

•Third parties accessing it without their consent."

In our highly interconnected digital world, security risks are inevitable. So as you consider your move to the cloud, push hard on your technology vendors to explain to you in great detail their cybersecurity strategies and guarantees. And if you want to know more about Microsoft's Confidential Computing and/or other elements of Azure Cloud security, give us a call here at Tier1—we've been in the cybersecurity and cloud businesses for a while, and look forward to helping you make the move to the cloud with full confidence that your cybersecurity will be rock-solid.