Is the Cloud without risks?
Lots of people fear the cloud because of security and privacy concerns. Christian Baun asks if it’s safe to use cloud services and offers nine common-sense tips for saving your data on and around cloud services…
Think about migrating your data and services into the cloud. This sounds dangerous to you? Think about the horror stories. All your data is lost and the services are not available. Fairy tales you might think.
In February 2008 Amazon S3 crashed and the whole of Amazon S3 stopped for a few hours. In March 2009 a bug inside Google Docs had allowed unintended access to some private documents. Some people with cloud concerns ask, “What if my documents, stored by the provider of the web office (eg Google Docs) are lost?” Different question: what if your laptop is stolen or your hard disk crashes? If you are using cloud services or not, it’s always a good advice to have a backup of your data.
The tools and best practices to secure your data and improve the level of availability of your services are the same when using non-cloud services:
1. The data inside your virtual infrastructure inside a cloud IaaS can be secured when storing them inside TrueCrypt (www.truecrypt.org) containers.
2. Data transfer between you and your cloud services should be secured via SSH.
3. If you want to migrate your complete IT infrastructure into EC2, or a similar IaaS such as Rackspace (www.rackspace.com) or
GoGrid (www.gogrid.com), it’s a good advice to have the important services redundant. It’s easy to start more machines and use virtual load balancers.
4. Keep your data redundant too. Storage in the cloud can be combined to a virtual RAID 1 to improve the level of availability.
5. Try to keep your virtual machines secure, the same as you would do at home. Have the latest security patches installed. Use an up-to-date kernel. Keep the ports closed and stop the internet services you don’t really need.
6. When using a cloud platform (PaaS), back up your source code locally and keep your code. This way you could run your software at a different place at any time.
7. Have a (local) backup of your important data.
8. When using existing images inside an IaaS, look who built this image. Is the image from a trustable source (eg the provider of the IaaS services)? Otherwise, a rootkit or backdoor could be installed.
9. Keep your credentials (access key and secret access key) secure – otherwise anybody could utilise cloud resources and you have to pay them.
These hints can be used exactly the same when not using cloud services and they prove that it’s not very dangerous to use cloud. Or do you install non-open source software from sources you can’t trust? And you keep your credit card numbers secure all the time? And you do backups of your local data, don’t you?