Cloud computing may be more secure than the traditional client-server approach, the CIA’s chief technology officer said Tuesday.
During an Amazon Web Services conference in Washington, Gus Hunt said the cloud provides the ability to reimage or remove all software from one server and get it all up and running quickly on another server in the cloud. That makes it more difficult to launch a successful attack, he said.
“The advantage of elasticity turns the entirety of your security into a giant shell game,” Hunt said. “The ability to reimage — either when workloads scale up or down — or to reimage periodically — with the intent to completely wipe and restart a complete machine with something that is guaranteed out of your vaulted set of images — allows you to have very high confidence you are not had and you are not hooked. You basically turn yourself into a polymorphic surface to which the attack guy has a much tougher time getting at. That, ultimately, is the real key advantage to drive security and make things much better for us across the board.”
Hunt said the CIA plans to move unclassified data to the public cloud and put its classified data on a private, government-only cloud within a year.