Making Cloud Security a Competitive Advantage in Aerospace and Defense
By Louis Columbus, Product Marketing Manager, Plex Systems
As aerospace and defense (A&D) manufacturers balance agility and speed with the need for ever-increasing vigilance and security, they are also facing the daunting task of keeping IT systems aligned with their changing business strategies.
This conflict of speed versus security is especially challenging in the area of cloud computing.
The Department of Defense (DOD) Defense Science Board recently invested months to produce a report titled Cyber Security and Reliability in a Digital Cloud. To me, it’s clear they’re seeing value in cloud computing beyond cost reduction.
The 76-page report shows how the DOD, working in coordination with key commercial partners, is successfully managing the inherent conflict of agility and speed versus the need for vigilance and ever-greater levels of security.
In many industries, risk-averse CIOs and IT professionals have completely ruled out cloud-based applications and platforms from their IT strategies.
This is a shame because — as the DOD staff points out in the study — they’re missing out on the ability to make their businesses more agile and quicker to respond to changing conditions while also aligning every department to the fulfillment of a mission.
Cloud Computing Data Centers Increase Cyber Security
The DOD task force finds that, in many cases, deploying applications to cloud computing data centers increased cyber security, especially against less sophisticated threats. The team also concludes that cloud-based platforms are the most effective technology available for tracking, analyzing, and thwarting both simple and complex attacks.
Using advanced analytics and tracking algorithms, the DOD makes the observation that cloud computing data centers are significantly more secure than on-premise systems or the use of public cloud architectures.
Key Takeaways From the Study
Here is what I found to be particularly noteworthy in this study:
- Cost savings of adopting cloud-based applications and systems are situational and highly dependent on an individual case-by-case analysis. The highest-performing cloud computing projects have very specific mission objectives and are measured across a series of operational metrics, not just IT or cost alone.
- The daily operation of DOD supply chains, ships, logistics systems, and machinery and weaponry (including tanks and missile systems) all generate massive amounts of data that needs to be aggregated, analyzed, defined into models and used for better decision-making. The report determines that cloud computing is ideal for managing the exponential increase in data being generated today by these systems.
- The future of cloud security in the A&D industry is cloud brokerages behind firewalls, where only unclassified data and systems are integrated to public cloud computing platforms. Recent studies by 451 Research of enterprise cloud computing adoption also reflect this trend. In the Forbes article on predicting enterprise cloud computing growth, internal private clouds are the top priority this year for 35 percent of enterprises interviewed.
- The scale of cloud computing and the data it generates from operations enables the analysis of packet and log data that provides new capabilities for event forensics and real‐time detection of malicious behavior. In conjunction with research from the Massachusetts Institute of Technology (MIT), the DOD cites this as critical to the future of cloud security development. The latest efforts in this area center on impersonating traffic workflows that provide randomized activity patterns, making it very difficult for hacking algorithms to determine which applications are in use. The latest advances are making the digital footprint of cloud applications nearly impossible to decipher and compromise.
- Service level agreements need to include much more than uptime commitments; they need to include metrics related to security as well. The study recommends that the key attributes of availability, authentication and authorization approaches, data processing and storage locations, software and data backup approaches, cyberattack event notification, required staff clearances and background checks, software and data disposition, and risk disclosure requirements and contingency plan all be included.
Making cloud computing even more secure needs to begin with a distributed data center strategy — one that ensures robust and elastic computing capacity across the global network of systems that the DOD and its branches rely upon. The authors of the study caution against a single Fort Knox-like approach to defining data center design and implementation, citing too many vulnerabilities. Instead, they recommend geographically distributed data centers supported with satellite links for real-time integration and support of collaborative workflows. The figure at right illustrates this concept.
Bottom line: All of these findings taken together show how enterprises can use security as a competitive advantage as well. With the DOD’s findings, it is clear that cloud platforms have the potential to quickly enable strategies and ensure their attainment, all in secured environments