Arsgera - Fotolia

Cloud data security comes with hefty price tag

As attacks on IT systems with sensitive data continue, cloud security becomes a top concern. Users won't find the best security practices on a clearance rack.

Database security breaches seem to be a recurring event in the IT world. And the United States Postal Service's computer network was the latest victim. Authorities suspect the attack compromised sensitive data -- including names, date of birth, social security information, addresses and employment records -- of more than 800,000 employees and possibly customers, as well.

This attack follows last holiday season's credit card database security breach at Target and the more recent breach at Home Depot. But these attacks were not cloud-related. Hackers exploited poorly protected traditional systems. As cloud adoption rises and hackers continue their attacks, cloud data security becomes paramount. And nothing that important is cheap. So the question not only becomes how to protect your cloud-based systems, but can you afford it?

Breakdown of cloud security costs

The technology needed for cloud security can be expensive, so admins tasked with securing the cloud should prepare their CIOs for a big bill by the end of 2015. And the talent needed to create proper security architectures and approaches, and then run them effectively, will set companies back even more.

Clouds are complex distributed systems, so what's the best way to protect them? The best cloud security model and practice is identity access management (IAM). Many cloud providers, such as Amazon Web Services (AWS), provide IAM-as-a-service right out of the cloud. Others require third-party IAM systems, such as Ping Identity and more.

To ensure cloud data security, use a method and technology that enable the right individuals to access these resources at the right times, and for the right reasons. This means that everything and everyone gets an identity -- including humans, servers, APIs, applications, data and more. After verifying identities, define which can access other identities and create policies to define the limits of those relationships.

Explore different cloud security avenues

There are a few approaches to cloud security, including using IAM for your cloud provider, IAM software and a third-party cloud. Cloud-based IAM system costs, such as those provided by AWS, are nominal. IAM services from AWS are free, so it only charges to use other AWS Services. However, most enterprises choose security options that are not tied to a single cloud provider.

Prices vary to run IAM systems, either on-premises or as-a-service. The average yearly cost is $5,000 per application. So it can get expensive if you manage 1,000 applications in private or public clouds and traditional systems. Everything needs to be locked up the same way; if cloud-based systems are secure, but traditional systems aren't, then the system isn't completely secure. Just ask Target and the U.S. Postal Service.

However, technology isn't the real cost. It's the security engineers needed to build and operate effective cloud security systems that cost the most. reports that the average salary with "cloud security" in the title is $134,000 per year. And these talented engineers are extremely hard to find, so you'll pay up to $200,000 per year for the best talent. Even solid consultants cost approximately $2,000 to $2,500 per day.

Moving to the cloud has tremendous benefits, but you have to spend on security to reduce risks -- and that will cost you. The technology needs to be upgraded and the best security engineers drive Teslas. So be sure to update your budgets accordingly.

About the author:
David "Dave" S. Linthicum is senior vice president of Cloud Technology Partners and an internationally recognized cloud industry expert and thought leader. He is the author or co-author of 13 books on computing, including the best-selling Enterprise Application Integration. Linthicum keynotes at many leading technology conferences on cloud computing, SOA, enterprise application integration and enterprise architecture.

His latest book is Cloud Computing and SOA Convergence in Your Enterprise: A Step-by-Step Guide. His industry experience includes tenures as chief technology officer and CEO of several successful software companies and upper-level management positions in Fortune 100 companies. In addition, he was an associate professor of computer science for eight years and continues to lecture at major technical colleges and universities, including the University of Virginia, Arizona State University and the University of Wisconsin.

Next Steps

Retail breaches make cloud encryption crucial

Why cloud data encryption is vital for security

Tools and procedures needed for best private cloud security

Dig Deeper on Cloud infrastructure design and management

Data Center