Does Cloud Security Depend on Processor Security Vulnerabilities?
Readers with long memories will recall the suspicion the cloud was greeted with when it was first introduced more than a decade ago. Site owners who managed their servers doubted that cloud vendors could do a better job, especially where security is concerned. Who knew what lurked beneath the virtualization layer? In subsequent years, as cloud platforms came to dominate the infrastructure hosting world, concerns about their security largely evaporated.
In 2019, most companies run most of their infrastructure in the cloud. The benefits of cloud infrastructure have proven immense for improving reliability, scalability, and cost-efficiency for everyone from boutique ecommerce retailers to the largest online stores. Cloud adoption has not resulted in widely exploited vulnerabilities. Servers are still hacked, and data is still leaked, but the exploited vulnerabilities are almost at the application or database layer, not at the virtualization layer or in the underlying physical hardware.
However, no platform is entirely secure, including the cloud. Last year, the Spectre and Meltdown vulnerabilities hit the headlines. Flaws in some CPUs allowed malicious users who could run code on a server to access sensitive information owned by other cloud users. This year, further vulnerabilities were discovered, including ZombieLoad, which could allow an attacker to steal data recently processed by a CPU.
All servers with affected processors are vulnerable to this type of attack, but because cloud platforms are shared computing environments, the risks are higher. A malicious user could exploit the vulnerability by running code in their cloud environment, accessing the information of other cloud users hosted on the same server.
Does this mean the cloud is no longer secure?
No. In fact, cloud platforms like the Hostdedi Cloud are still the most secure infrastructure hosting option. While processor vulnerabilities like ZombieLoad are a real problem for the hosting industry, cloud platforms are best placed to protect their users.
Cloud platforms have access to greater technical expertise. Building a secure cloud platform is not easy, and cloud platforms are not equally secure. However, we have staff developers and system administrators who have decades of experience with infrastructure security. They understand what the risks are and how to manage them. Few hosting clients have access to such breadth and depth of knowledge.
Patches are applied to all servers quickly. When news of the Spectre and Meltdown vulnerabilities broke, Hostdedi quickly patched its servers and released a blog article explaining what was happening. We follow the same procedure for all vulnerabilities that might impact our cloud hosting clients. Ecommerce retailers and other businesses running on owned servers cannot react with the same speed and agility.
Platforms like the Hostdedi Cloud are not secure by default; they are secure because engineers build and maintain them, constantly monitoring security threats and reacting accordingly. Our cloud platform is secure because security is our top priority. That’s not true of most businesses, which is why owned infrastructure tends to be less secure than cloud infrastructure. Bloggers want to blog and ecommerce retailers want to sell. But we’re obsessive about security, and that’s why our cloud platform is the secure hosting choice.
Posted in:
Security
