Why Cloud Computing Will Shake Up Security

As the curtain opens on 2016, you can expect massive changes in the security landscape. Technology providers such as firewall vendors, switching vendors and others will fade as new solutions better suited to the cloud computing environment emerge.

On the flip side, companies that provide encryption and anti-malware technologies will continue to see their fortunes rise because the demand will continue to grow. But to thrive, these vendors must bring out new products and services evolved for cloud computing.

Anti-malware evolves and grows

Let’s take the case of anti-malware vendors that have traditionally served on-premise clientele. As more companies move to off-premise solutions — the cloud — so, too, will the attacks of nefarious hackers and others intent on stealing or compromising your company’s data. For anti-malware vendors, the new year brings a huge opportunity to update and create new solutions tailored to the cloud.

The good news is these are essentially the same types of services that analyze data traffic for malware, but designed for the cloud. It still won’t be easy; there are some technical hurdles, like figuring out how the anti-malware solution gets inserted into a cloud system to which it doesn’t necessarily have access. Still, I think the top-shelf anti-malware vendors will be hugely motivated to attack this problem with gusto, and will figure it out.

Of course, Amazon and other cloud providers will continue to enhance their security, but dealing with the many and evolving strains of malware is not their core competency. Instead, I think they will be more inclined to work with, or at least make it easier for, established security vendors to deploy their solutions onto cloud platforms. Expect to see more APIs and frameworks from cloud providers that allow for more seamless integration of third-party anti-malware.

Firewalls have nowhere to go

While anti-malware vendors have new opportunities, the same can’t be said for traditional firewall vendors. The reason is that access control (a core firewall feature) is being commoditized.

We will see a much larger percentage of enterprise workloads moving to the cloud in 2016.

Firewalls are typically used for access control to determine who can talk to what over which protocol. They’ve also been very IP-centric. Over time, firewall vendors have added application awareness, as well as protocol and packet inspection. The cloud doesn’t change the need for these advanced functions, but often the core access control is embedded in the cloud provider’s system, and I don’t see firewall vendors being able to subvert or co-exist with what’s already there.

Also, access control is already being built in to cloud providers’ hypervisors and tied to provisioning of individual compute instances. Amazon’s Security Groups is just such an example.

Load balancers tilt

Like traditional firewalls, vendors of load balancers and application delivery controller appliances face tough sledding in 2016. Load balancers have long served a useful function, distributing network or application traffic across servers to handle high volumes of users or visitors. But auto-scaling of compute power is already part of the cloud provider’s infrastructure, so customers don’t need to buy it separately.

I fully expect that legacy apps closely tied to traditional load balancers will continue to be used on-premise or, in some cases, rewritten for new cloud architectures.

The year of encryption

Mobile devices weren’t always so ubiquitous. Remember when only doctors carried beepers? The same could be said for encryption, a technology that companies deployed only in certain scenarios that absolutely required it. Moving to the public cloud means the expectation is that everything needs to be encrypted — always.

But in this new cloud computing era, encryption vendors need to develop solutions that are massively scalable and truly transparent. Like anti-malware, the opportunity here is huge, and I fully expect encryption vendors to make solid progress in 2016.

Another reason I think this will be a big year for encryption is that it’s becoming far easier to deploy. Traditional agent-based encryption is well-established, but has always been hard to deploy because it doesn’t work seamlessly with data management and other infrastructure functions. There is such a demand and focus on encryption recently that you can be sure plenty of bright minds are working on more advanced solutions that overcome the limits of traditional encryption. Expect to see some of these released in 2016.

Solutions that tightly integrate encryption will be the big winners in the year ahead.

Cloud providers will continue to offer built-in encryption capabilities, similar to firewalls and load balancers, but the evolution of third-party solutions will broaden the reach of encryption. Looking further out, it’s not hard to imagine that encryption will do more than just protect data; it will take on a bigger role in protecting other parts of the network with access control.

I think it’s inevitable, as the cloud becomes more ubiquitous in the years ahead, that encryption will essentially become the new perimeter and insertion point for companies to enforce their security policies. It’s a fantastic opportunity for encryption vendors to start delivering on in 2016.

The cloud blots the outlook for switch vendors

Switching products offer many complex features, such as VLANS (Virtual Local Area Networks), that are manifestations of physical constructs. But with cloud computing, switching is far more straightforward and the role of switch vendors changes.

Traditionally, switching products have relied on elaborate routing protocols and network encapsulations to make sure that, for example, Rack A doesn’t talk to Rack B, but can talk to Rack C. It gets way more complicated in the jumble known as network management.

But in cloud computing, the network management mess goes away. For example, Security Groups, the network controls Amazon uses that are defined up front and deployed automatically. This is a huge time saver because you no longer have to set up network access control policies and the need for software switches is greatly reduced.

There is still going to be a need for switches; for example, customers who want to project one network onto different infrastructures — but this is far from a big growth opportunity. In my opinion, switch vendors are going to have difficulty finding new revenue for their traditional products in 2016.

That pesky issue of insertion in the cloud is also a tremendous challenge to switch vendors. To get a so-called virtual switch inserted in a cloud-based data center, it would need to be tightly integrated with a cloud-based hypervisor. But I see no incentive for cloud providers to give third-party switch vendors special access to their systems.

As a result, I think switch vendors are going to be left out in the cold when it comes to opportunities in the cloud.

A winning combination of software storage and encryption

Enterprise data is already growing exponentially, and the cloud will accelerate this trend because it provides readily accessible infrastructure to store all that data. Simply put, it’s a great opportunity for software-based storage systems.

But there’s the issue of managing all this data in a way that spans both private and public clouds, because most companies will leverage both. This point is where software storage vendors can thrive to the extent they’re able to bring new cloud-based data management solutions to the fore.

I strongly believe that for these software storage solutions to succeed, however, they need to be tightly integrated with security, such as encryption. The alternative is to keep encrypting data separately from the storage system, but that just makes it a hassle to replicate, back up and move data around. Solutions that tightly integrate encryption will be the big winners in the year ahead.

The hype becomes reality

You might say 2015 was the year of cloud computing — at least when it comes to media coverage. But the fact is, only a small percentage of enterprise workloads moved to the public cloud this past year. That’s about to change. The transition of the enterprise from private to public clouds is likely to be the most impactful transition in the IT data center sector in the past three decades.

I expect we will see a much larger percentage of enterprise workloads moving to the cloud in 2016, with a much bigger migration to follow. I’ll be fascinated to see what the established vendors and upstarts bring to the table this year to accelerate the inevitable transition to the cloud.