Cloud Connections: Zynga CSO: Social, Cloud Security Represent Major Challenges

The intersection of mobile, social and the cloud is driving innovation – it is also driving massive security challenges, Nils Puhlmann, chief security officer, Zynga, maker of online games including Farmville and Mafia Wars (Puhlmann is also a co-founder of the Cloud Security Alliance).

Puhlman should know. His company delivers 8 of the top 10 Facebook games, with 50-plus million daily active users and 215-plus million active monthly users. That makes its games some of the largest cloud services around today – and they include major doses of social and mobile capabilities as well. “It’s safe to say Zynga wouldn’t exist without the cloud,” he said.

Puhlman detailed the major security for challenges for social and cloud services – it’s interesting to put them side by side:

Top security risks on social networks:

Key cloud security problems:

What do these two lists have in common? Not surprisingly, baseline concerns about how users access and authenticate themselves onto social networks and emerging cloud services.

But there are also differences.

For social networks, the security challenges tend toward the areas of social engineering, or ways in which individuals behavior is part of the overall security problem. In the cloud, security challenges today center around the relatively immature security processes and standards governing these new all-encompassing computing environments.

Security vendors are starting to address the cloud, but simply selling existing security products to cloud providers or virtualizing existing security solutions isn’t enough. “The problems in the cloud are different,” said Puhlman, giving the simple example of just how challenging it is to manage IT tables or firewalls across at the scale that large cloud services require, saying that such challenges require a different way of thinking about cloud security.