Ensuring Security in an Era of AI and Cloud Platforms
There is a lot going on in the virtual world today. Whether you have a private, hybrid or public cloud environment, it’s safe to say things are always changing fast, and on a daily basis.
Konstantin Malkov is the CTO at 5nine Software, and an expert in cloud security and management. Check out a Q&A with him that is reprinted with permission from the Habrahabr Technology blog.
As a whole, what is happening with cloud platforms? Right now there are a few main players in the market that are developing their own mega-clouds. Has a war broken out between them yet?
The platform war has been waging for quite some time already, and it was caused by commercial interests. Several years ago the primary battle was between VMware and Hyper-V over private clouds. They fought for market share, and for who would have the greatest presence in datacenters. Now the battle is being fought over public and hybrid clouds. Naturally, this means Amazon, Microsoft and Google. But I think the main battle, at least in the coming years, will be between Azure and AWS.
At the same time, exchanging data between different cloud systems will play an increasingly important role because many organizations, at least in the United States and Europe, often have requirements to be able to choose between cloud systems. From my point of view, physical-to-virtual migration when virtualizing a physical machine to one in the cloud, as well as the ability to migrate a virtual machine between, for example, Hyper-V and Amazon, Hyper-V and Azure, and Azure and AWS; will be in high demand.
5nine’s goal is to help clients create a hybrid cloud that combines their datacenter, public cloud (e.g. Azure and Amazon), and the cloud of the local hosting provider with transparent management, load balancing across these clouds, high security, and compliance with national and international law. With 5nine Cloud Security, we have already brought this idea to life. We provide monitoring and security in client datacenters, Azure, and local hosting provider cloud environments, from a single console or a client portal. Various platforms and cloud environments will be integrated using solutions from third-party developers.
Right now, is it possible to migrate virtual machines between different clouds?
Yes. Look at V2V Easy Converter, a product available from 5nine Software. You can use it to take VMware virtual machines, and convert them to Hyper-V, and then migrate to Amazon or Azure. As cloud security and capabilities increase, the corporate sector will more eagerly begin to move their own systems to the public cloud, so the demand for inter-cloud migration will only grow.
What is currently stopping large companies in some cases from switching to cloud platforms?
I think it is mainly a matter of technological independence and security. Let’s say you have some physical machines and data stored somewhere, or virtual machines running on platforms within your datacenter. You move all of this somewhere onto Azure, or even Azure Government or the Amazon Government Cloud, with higher certification levels. Companies aren’t always willing to accept that they won’t have complete control over their virtual machines. Therefore, the ability to provide higher control and isolate machines in a public and hybrid cloud environment, as we do, is very important.
Another promising solution to look at is Azure Stack, which lets the user combine a private cloud on Windows Server 2016 with local Azure services in their own datacenter, on the same Azure Stack. What’s more, it helps add all of the power of big Azure technology and applications to run on premises. Several of our clients are already planning to deploy Azure Stack for themselves. That’s why we are working with Microsoft on new versions of our 5nine Cloud Security to ensure increased security for Private, Hybrid and Public infrastructures.
The security issues are similar to those being solved in private cloud environments. Imagine that you have a multitenant system as a hosting provider. You have virtual machines assigned to different tenants, and you want to limit tenant access to various machines and instances. Approximately the same setup is needed in a public cloud environment. In a private cloud, you control everything in your own datacenter, while in a public cloud everything is in a datacenter somewhere in Munich or Virginia.
So the security issue isn’t being solved yet?
No. We are working on resolving it right now. There are different things — encryption of virtual objects, various security systems — that let us create rules on how data is exchanged between machines. But companies aren’t quite ready to analyze the associated risks. Therefore, we have focused on security manageability. This issue will always worry those responsible for security.
Let’s talk about the future. What does it look like to you? Is it going to be a world of artificial intelligence? Where is this technology growing?
People have talked about artificial intelligence for a long time. Even back in the dot-com period, people actively discussed machine learning, automatic data processing, and much more. Many things have been more or less ready for a long time in terms of algorithms.
Moreover, at my previous business, we designed systems to create a certain baseline for a system’s normal operations, and then identify deviations from the normal behavior. Then you receive some notifications. You can respond to them and classify any suspicious events that may have occurred.
If you know what’s going on, you can say: ‘No, I know what this is. There was traffic on port 80 at three in the morning, because one of my programmers likes to work at night.’ Such a system, a typical supervised learning system, remembers which user can access the network from which IP address.
So the algorithms have been created, worked out in detail, and now — with increased computer performance and the availability of cloud technology — can finally be implemented. AI is actively growing because it is generally accepted that many issues related to security, decision-making, and managing complex processes will be solved with machine learning.
The center of AI development is in the United States — Silicon Valley and other tech hubs: New York, Seattle, Boston and Washington. There are also startups working on AI in Europe, China, APAC and Russia.
AI is being applied to data security systems. Can the addition of AI change the lay of the land in the battle between hackers and data security companies?
Of course. It is already changing. Previously, antimalware systems were signature-based. If a signature was recognized, then the antivirus system identified the virus and you could do something with it. But the quantity of new viruses and attacks is growing exponentially, if not faster. There is a need to detect and prevent unknown attacks and various exploits.
For example, suppose you set up a new web server and nobody knows your IP address yet, and you want to protect it from hackers. There are different ways of accomplishing this. The server gets up and running, and you begin to collect normal traffic and create a kind of metabase. Later, you compare events on the web server with the events that occurred earlier under normal conditions. You have an adaptive system that detects anomalies in behavior and an algorithm that classifies events. Without a doubt, machine learning and artificial intelligence systems will be used. But hackers also know about these capabilities and algorithms, so the war will continue.
A competition between two artificial intelligences?
Yes. With the help of similar systems, hackers can track behavior patterns, what the security administrators of a particular network do, their habits, and how they analyze and monitor their network. With this knowledge, they can take steps to bypass this protection. The struggle will continue. Whoever has better brains will be victorious. In any case, the human element still remains a key. A lot depends on the people who design the algorithms, and respond to system notifications. In the future, the systems themselves will adapt to changes.
Do you see any problems or risks in developing artificial intelligence?
There are various fears that some jobs will be given to robots. I think that humans should simply be in control and not trust every critical function to artificial intelligence systems. This is possible – at least for now.
The Internet of things will also obviously become part of tomorrow’s reality. What expectations do you have for this technology?
Yes. This area is growing by leaps and bounds. Huge investments are being made here. Just as in cloud technology, security plays an enormous role. Just take privacy issues. Every home has laptops, tablets, and phones, and they all have video cameras. Some people put tape over them, but this is a partial solution. All of these cameras are on the same network. The task here is very similar to what we are addressing for virtual machines. We need to have the ability to regulate network traffic between different devices. If one device is compromised, we need to at least prevent the contamination from spreading to the others.
From my point of view, one of the factors restraining the IoT is the absence of long-lasting and miniature batteries. Can we expect a breakthrough here?
Yes, but this is purely a hardware question. The hardware will naturally progress. I think at an even faster rate than it did in the 90s and 2000s. Look at the BESM-6 supercomputer. When I was studying at MSU it was highly valued and used for serious calculations under business agreements. But its performance is less than the latest iPad or iPhone these days. Same thing with batteries.
How will the development of new technologies influence the Internet? How it will change? What technologies seem promising to you?
I think there will be intelligent objects – objects containing off-the-shelf code that will be transmitted across the network and run on cloud devices. They will emulate the workings of the human brain, which we honestly still don’t know or understand yet, but we are close to achieving that understanding already, at least to some extent.
According to the IDC, today a large percent of all applications are already deployed in the cloud. This process will continue. Major enterprises and small businesses will flexibly redistribute loads between their own datacenters and the public cloud environments. This scenario will be hastened as security and management problems are solved for hybrid cloud environments. 5nine Software’s expertise and skills in securing and managing the Microsoft Cloud platform will always continue to develop and assist Microsoft users, making it easier and safer to transform their datacenter to effectively and securely connect with the public cloud.