A look at the security issues facing companies considering going down the cloud computing route.

A look at the current growth in cloud computing and the need for organisations to adopt a real-time cloud computing security service that addresses latency and effectively protects them from malicious threats such as malware, trojans, botnets and phishing attacks.

A cloudy future

According to a recent report by Forrester titled 'Is cloud computing ready for the enterprise?’ cloud computing still remains a genuine web security concern.

In theory, it can be more secure than do-it-yourself computing since shared costs allow larger overall investment in security processes and infrastructure. However, worries still remain about access and control over an organisation’s sensitive data.

These days users need to go everywhere - customer sites, partner meetings and remote offices. The applications they need, however, are often locked up in distant, consolidated datacentre or are outsourced entirely. All of this movement conspires to break up the traditional "hub and spoke" network model of the past.

At the same time, application networking is becoming increasingly peer-to-peer, with VoIP for example, requiring low-latency, high-bandwidth connections between any network endpoint.

To accommodate this within traditional point-to-point links would require exponential growth in the number of interconnects. This would be impossible to provision, as we know. For relief, many enterprises have turned to "cloud"-shaped networks. A transition, like most in IT, with some interesting side-effects.

For example, what if you want to connect directly to the Internet? The price is definitely right, and getting all of that Internet back-haul off your WAN is very appealing.

The traffic is going there anyway, why not let the Internet carriers pay to move it around? Unfortunately, the security and routing issues are as serious as they are daunting. You'll have to make sure that nothing nasty gets in, such as malware and phishing attacks. Furthermore, any application-layer security or web access controls you've set up in at the datacentre gateway will have to be replicated, distributed, and centrally managed. Quite a tall order.

The latency issue

Regardless of the type of cloud an organisation chooses, one key issue remains increased latency. Many of the applications commonly used at the branch, such as email and file services, are notoriously sensitive.

To address latency in the cloud, there are options. Generally, they fall into one of two categories - fix the application with caching, compression and protocol optimisations; and/or application prioritisation.

The ultimate goal in compression and optimisation is to reduce traffic entirely. New forms of caching and inline compression can dramatically reduce the bandwidth needed to service applications.

Bandwidth, network latency, and application performance aren't directly related, but if you can avoid transmitting data at all you save user time, along with time on the wire.