Data Separation in Cloud Computing


Achieving secure data separation in cloud computing is a necessity for many companies wishing to utilise cloud services as a cost-effective method for storage, processing and memory functions. Data separation in cloud computing describes the need to ensure that one consumer of a cloud service cannot interrupt, or compromise, the service or data of another. As many cloud services rely on virtualisation technologies to offer compute power or storage to consumers, it is possible for a sophisticated attacker to compromise one virtual machine on the box and hop to others. This attack methodology is being seen more and more in cloud computing and presents a real risk to companies that need some assurance that their data is safe should another consumer be compromised.

Of course, the risk to your data increases or decreases depending on which model you decide to consume. For example, public cloud models offer little assurance that an attacker cannot purchase a virtual machine next to yours and hop across, compromising the confidentiality of data processed or stored on that machine. Attackers may also seek to perform denial of service attacks against the cloud provider to bring down the service for all consumers. Ensuring the cloud provider is implementing effective controls to separate consumers from each other may reduce the risk in this scenario.

Which cloud model should I use?

As mentioned, each cloud model is unique in its offering, price, advantages and disadvantages. Public cloud offerings typically consist of a virtualised environment with consumers sitting next to each other on the same box. These are usually cheaper options that allow consumers to purchase large amounts of storage or compute power for a relatively inexpensive price. In this scenario, however, consumers can have less confidence in the security of their data.

Another model is that of private cloud services. These are usually a lot more expensive but allow organisations to have a dedicated service with no other consumers present on the same infrastructure. This obviously provides more assurance for protecting sensitive data; however, it may be overkill if the organisation is just storing relatively insensitive data. Organisations can essentially see this service as an extension of their current domain and apply controls appropriately. There is relatively low risk from other consumers in this model.

Consumers should assess the type of data that will be processed or stored in the cloud environment, or that might be accessible from this environment. It is usually advisable to have a proportionate approach to this – for example, purchasing a private cloud service to host publicly accessible content is overkill. However, hosting sensitive HR records on a public cloud storage service is not advisable if the supplier has not provided enough assurance that data separation has been achieved.

How can I gain assurance that data separation has been achieved?

Gaining assurance for data separation in cloud computing is dependent on the type of service you are consuming. Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS) each have their own inherent risks and ways of gaining assurance that data separation in cloud computing has been achieved.

For example, in an IaaS service that provides computing, network or storage services, separation can be achieved through an appropriately secured or assured hypervisor. A hypervisor controls the virtualised environment on a box and, if compromised, allows an attacker to access all virtual machines on that box. If an attacker owns a hypervisor, they own the box and all the data on that box. Ensuring the hypervisor is secure is fundamental for IaaS services to achieve data separation in cloud computing. Additionally, separation can be achieved at the network level through the use of appropriately configured virtual local area networks (VLANs). Cloud providers can place each consumer in a separate VLAN and lock these down appropriately to prevent VLAN hopping.

Achieving data separation in cloud computing becomes more difficult for SaaS-based offerings. As SaaS offerings are typically software-based services, the separation can only be achieved through appropriate application architecture and configuration. The underlying infrastructure and platform will not prevent an attacker compromising a poorly coded application, so care must be taken by the cloud provider when programming applications for public consumption. In this case it is recommended that consumers wishing to consume SaaS offerings do so within a private cloud environment to reduce risks to their sensitive data.
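To make the SaaS point concrete, here is an added example (not from the original article or from any provider's code) of separation enforced in the application layer: a lookup that ignores which consumer owns a row, next to a data-access wrapper that binds every query to one tenant. The table layout, the names `get_record_unscoped` and `TenantStore`, and the tenant identifiers are assumptions made for illustration.

```python
import sqlite3

def make_db():
    """Constructed sample data: two consumers sharing one table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE records (id INTEGER PRIMARY KEY, tenant_id TEXT NOT NULL, body TEXT)")
    conn.executemany(
        "INSERT INTO records (id, tenant_id, body) VALUES (?, ?, ?)",
        [(1, "tenant-a", "A: payroll notes"), (2, "tenant-b", "B: HR record")],
    )
    return conn

def get_record_unscoped(conn, record_id):
    """Weak form: any caller who supplies an id gets the row, whoever owns it."""
    row = conn.execute("SELECT body FROM records WHERE id = ?", (record_id,)).fetchone()
    return row[0] if row else None

class TenantStore:
    """Hardened form: the tenant is fixed when the store is created (from the
    authenticated session, never from request input) and is part of every query."""

    def __init__(self, conn, tenant_id):
        if not tenant_id:
            raise ValueError("tenant_id is required")
        self._conn = conn
        self._tenant_id = tenant_id

    def get(self, record_id):
        row = self._conn.execute(
            "SELECT body FROM records WHERE id = ? AND tenant_id = ?",
            (record_id, self._tenant_id),
        ).fetchone()
        return row[0] if row else None  # another tenant's row looks like "not found"

    def list_ids(self):
        rows = self._conn.execute(
            "SELECT id FROM records WHERE tenant_id = ? ORDER BY id", (self._tenant_id,)
        )
        return [r[0] for r in rows]

    def add(self, body):
        cur = self._conn.execute(
            "INSERT INTO records (tenant_id, body) VALUES (?, ?)", (self._tenant_id, body)
        )
        return cur.lastrowid

if __name__ == "__main__":
    db = make_db()
    print(get_record_unscoped(db, 2), TenantStore(db, "tenant-a").get(2))
```

When asking a SaaS supplier for assurance, the useful question is whether tenant scoping of this kind is enforced in one shared layer and covered by tests, or left to each individual query.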

About Lee Hazell

Lee Hazell is a cyber security consultant with a keen interest in anything tech or security related.
