Is data in the cloud safer than the data in the internal datacenters?
University of Berkley has published an excellent paper on cloud computing, the argument regarding data security in the cloud is that encrypted data in the cloud can be more secure than unencrypted data in the internal datacenter. Almost nobody uses encryption in internal datacenters as they are percieved as secure. Here is an excerpt from the study:
“We believe that there are no fundamental obstacles to making a cloud-computing environment as secure as the vast majority of in-house IT environments, and that many of the obstacles can be overcome immediately with well understood technologies such as encrypted storage, Virtual Local Area Networks, and network middle boxes (e.g. firewalls, packet filters). For example, encrypting data before placing it in a Cloud may be even more secure than unencrypted data in a local data center; this approach was successfully used by TC3, a healthcare company with access to sensitive patient records and healthcare claims, when moving their HIPAA-compliant application to AWS.”
To secure data in the clouds at Kaavo we provide AES 256 bit encryption for storing the data on EC2 persisted disk volume so that even the data that is generated in the clouds can be stored in an encrypted format. In addition the paper points out the need for a single click deployment of complex systems in the cloud (Kaavo already provides the framework for automating the deployment of any complex multi-server system with a single click in the cloud). Here is the excerpt from the paper:
Being aware of costs is the first step to conservation, but the hassles of configuration make it tempting to leave machines idle overnight so that nothing has to be done to get started when developers return to work the next day. A fast and easy-to-use snapshot/restart tool might further encourage conservation of computing resources.
The paper has also some very concrete numbers on economies of scale and why large datacenter providers have 5X to 7X cost advantage over small to mid-size datacenter. Talk by the authors and summary of the paper can be found at: http://berkeleyclouds.blogspot.com/