Traditional IT organizations in the past used systems developed, acquired, and deployed in an organized, structured manner, such as e-mail for all employees, graphic design tools used by some, or payroll processing systems or human resources management tools used by the department.
More importantly, access to these systems is usually under the supervision of IT managers and system administrators. To install a private system or to install a company-acquired system, you must pass the It "monitor screen" before you can deploy these systems. This pattern has generally worked well since early it.
However, the advent of cloud computing presents a challenge to this model. The rapid development and recognition of cloud technology has brought a new paradigm for IT service design and deployment: do-it-Yourself Cloud service planning and management is now a reality.
At the very least, this new rogue cloud usage pattern poses a lot of trouble to IT security leaders. Without the expertise and involvement of IT professionals, building and running IT systems for non-it employees using cloud services creates the conditions for potentially catastrophic information security scenarios. In this article, we'll look at the deployment of rogue clouds, including why you should avoid rogue clouds, how to discover rogue cloud deployments, and how to manage them effectively.
Identify rogue cloud use case issues
The rogue cloud use case, in short, is the cloud-based resource used to promote the organization's business and is unauthorized to use without authorization. An important reason for the rapid development of this trend is that it bypasses the IT organization, which is often seen as a roadblock or impediment to the implementation of emerging business processes. Now, without expensive cost, it is easy to make the server run in the cloud, start the Web server or SharePoint outside of the enterprise IT structure, and for users, it means bypassing the red tape that exists inside many businesses.
However, it can provide and manage a secure portfolio of products and services, and rogue cloud facilities can adversely affect this capability. For example, improperly configured rogue cloud installations may not adequately protect critical or sensitive business data from leaking into the hands of knowledgeable attackers. Or worse, an attacker could enter the company's network boundary through potential network security vulnerabilities-exploiting a vacancy that was not recognized and controlled by network security personnel, because the network security personnel did not know the cloud instance at all.
The issues addressed in the Symantec 2013 avoid cloud hidden cost survey (PDF) include Rogue cloud systems. More than 3,200 people in the global IT organization are involved in the survey. Nearly one-third of new respondents deployed rogue clouds in their organizations, the report showed. Another key discovery involving rogue cloud use is data backup issues. According to Symantec, more than 40% of respondents lost data in the cloud. Of those surveyed, Two-thirds failed to recover data successfully.
Rogue Cloud deployment found
The most feasible solution is to assume that rogue cloud facilities already exist. So developing programs--for example, using existing performance monitoring tools and monitoring support from cloud service providers--can identify and identify the source of suspicious cloud activity.
Verbal propaganda has been the easiest way to find ad hoc cloud use. Savvy IT security organizations are often associated with all departments and key figures throughout the organization. Theoretically, this connectivity provides a window into what departments and individual users are doing, and how security as a promoter supports their efforts rather than an inhibitor.
Network monitoring is equally important. Proactively monitoring unauthorized cloud use, identifying abrupt network traffic patterns, observing suspicious network activity through intrusion detection/prevention systems, or discovering unusual changes in data storage requirements may identify potential rogue cloud activities. The user creates an unauthorized instance with an IT-authorized provider, and the provider may find it possible to use exceptions (such as protocol parameters outside those service levels), or rogue activity.
Managing Rogue Cloud Deployments
Suppose you identify a rogue cloud activity that can resist the temptation to shut down immediately. If not, determine what impact the rogue cloud activity has on IT operations, and specifically whether it can coordinate organizational capabilities, protect sensitive data, and keep important IT assets secure to some degree. Some instances of unauthorized cloud are harmless, just need documentation. Once a rogue cloud activity is discovered, and a detailed investigation is made, there are clearly some security risks to consider, so it is important to notify the senior management and either abort the rogue cloud installation, properly protect, or merge the rogue cloud into existing IT operations.
In addition, senior management agreed to formulate policies for the use of cloud services, including addressing non-it and other unauthorized deployment issues, explaining why the company was disadvantaged and detailing the failure to comply with policy penalties. These will help to reduce the likelihood of future ad hoc cloud use.