Controlling Enterprise Mobility in the Cloud

According to a recent Gartner survey, as reported by InfoWorld, Cloud Computing was mentioned as one of the top two technology priorities for CIOs in 2010. Also interesting is that security technologies appear on the same Top 10 list.

The concept of cloud computing is not new. The economic viability of this model is quite compelling for many enterprises, with the Gartner survey also mentioning cost reduction and improved workforce effectiveness as two of the top 10 CIO business priorities. However, concerns around security and relinquishing control over sensitive corporate data have been stalling the widespread adoption of cloud computing in the last couple of years. But it is becoming clear that the cloud computing era is approaching fast. And here’s why.

Past experience has taught us that economic viability is a strong driver for innovation, and that drive will prevail over technical challenges. One example is the shift from the mainframe computing paradigm, which dominated the marketplace in the 80s, to the client-server paradigm, which prevailed in the 90s. The mainframe generation was characterized by silos of data and voice communications. In this generation, dumb terminals connected to proprietary mainframes for specific yet limited computing applications, with voice, video and data running on completely segregated networks. The mainframe paradigm was simple and secure, with enterprises being fully in control of access privileges to data and applications.

However, the economic benefits of unifying voice, video, and data applications on a single converged network became a stronger, more prevailing force. Continuing this example, the client-server paradigm galvanized the adoption of TCP/IP worldwide, which in turn spurred the development of the internet and unified communications.

These same concepts are applicable to the cloud computing industry. The economic viability of pay-as-you-go for virtually unlimited elastic computing resources, required for fast and efficient implementation of IT projects, will overcome the security concerns. The fact that existing cloud computing vendors are prospering and that major new players are entering the cloud computing market is yet another indication that this industry is beginning to cross the chasm successfully.

This market growth is an indication that the adoption of the technology is shifting from the early adopters, who are visionary in nature, to the pragmatic early majority. There is ample evidence that cloud computing is gaining momentum. Amazon is substantially growing its Elastic Compute Cloud and S3 services, with its stock price appreciating over 175% from January 2009; Google Apps Engine is challenging the Microsoft domination of office applications; and Salesforce-dot-com’s stock price has appreciated over 180% in the last year. There are also major new players entering this market, including IBM with Blue Cloud and AT&T with Synaptic Hosting, and the expectation is that other major Service Providers will add cloud services to their portfolios in 2010.

Whether your corporation is an early adopter or an early majority company, if you will be adopting cloud computing technologies in the foreseeable future, then an interesting question to ponder is: “How would the adoption of cloud computing and SaaS applications impact the enforcement of corporate security policies for mobile users?”

The traditional approach to enforcing corporate access security is to require mobile users accessing the corporate LAN to launch either SSL VPN or IPSec VPN clients. With these technologies, tunnels are established at the application or network layer respectively to ensure confidentiality of data traversing these VPNs. The challenge of this approach is that mobile workers who use their corporate remote access devices to access the internet either don’t launch their VPN clients, or their sessions are routed directly to the internet through a split tunnel connection provisioned on access routers.

When remote users are accessing the corporate LAN through VPN, they are protected by firewalls with UTM (Unified Threat Management) functionality. This is not the case, however, when the users connect directly to the Internet. In this case, they are exposed to a multitude of risks, including viruses, phishing, and spyware.
