Cloud computing security: Choosing a VPN type to connect to the cloud
Friend of NCP, Diana Kelley, analyst at SecurityCurve is writing a series on cloud computing security. In this 1st part series, Diana drills down and discusses the specifics regarding devices that connect to the cloud, and how VPNs affect cloud security. The article takes point-to-point into perspective, as opposed to whether or not SSL or IPSec is best suited – there are varied uses for each within Kelley’s article. Well worth a read and it begs the bigger questions of, “is VPN really a factor for applications living in a cloud, or is securing the applications themselves really the issue”? For example,
“VPN types include network-to-network, multiple service host-server, to single-service host-server. Each of these implementations can be used in a cloud computing environment, and each has security strengths and weaknesses. The oldest VPN technology is the network-to-network VPN. This architecture has the greatest risk associated with it, due in part to the number of hosts involved. While this architecture would not likely be used in the client-to-cloud connection, it could be used within the cloud, especially with server farms or mashups.”
What are your thoughts on cloud computing security?