Guarding the grid
Security issues around grid computing are not new or different, but they grow with the grid.
Computerworld - Deploying a grid infrastructure can help companies dramatically improve hardware utilization rates and boost computing power. But the massive resource aggregation and wider end-user access enabled by grids also have the potential to magnify security risks, implementers say.
As a result, companies that are implementing grid technologies need to pay special attention to issues such as user authentication, authorization and access control, as well as auditing and data integrity -- both when data is in storage and while it's in transit.
Ensuring that adequate measures are in place for responding to the effects of worms and viruses, which can be amplified in a grid setup, is also crucial in grid computing, IT managers say.
Most of the problems that users have to deal with in a grid environment are similar to the ones they face in nongrid environments, says John Hurley, senior manager for distributed software and systems integration at The Boeing Co.'s mathematics and computing technology group in Seattle. "But [they] take on much greater significance in a grid environment because of the fundamental premise of grids -- access, sharing and collaborative computing," he notes.
Grid computing creates the "potential for gateways into an environment" where none existed before, says Hurley.
More Power, More Risk
A grid installation harnesses the combined power of numerous servers and PCs to run applications and services as one large system. Grids have been used for years to run compute-intensive applications in academic and research organizations. The improved resource utilization and power delivered by grids have also begun to attract the attention of corporate America. A survey of 550 database professionals, released in January by Santa Cruz, Calif.-based Evans Data Corp., showed that one in five companies is planning to deploy grids during the next two years.
The potential severity of grid-related security problems depends largely on the context in which grids are being used, says Dane Skow, deputy computer security executive at the Fermi National Accelerator Laboratory in Batavia, Ill. "When you talk to people about grids, they have different scenarios in mind -- everything from clusters in the same room run by the same infrastructure team to global power-grid-like infrastructures," says Skow.
Research grids, for instance, typically provide access to users from multiple organizations and security domains. Fermi operates a grid for high-energy physics applications that's accessed by more than 5,000 users in some 80 organizations -- several of which are in Europe.
User access, authentication and authorization in such an environment can be a big challenge, given the fact that there's no single identity authority, says Skow, who is also
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts