Cloud requires a new approach to security
- Posted on April 15, 2019
- Estimated reading time 3 minutes
This article was originally published in Security Boulevard.
Every data security effort requires a few basic building blocks: strong access controls, training and patching, to name a few. But when it comes time to secure your cloud transformation, a few major factors, such as shared responsibility and powering a modern user experience, require new approaches for the CISO.
Whether you’re planning a migration to the cloud or trying to optimize the control and oversight of your existing cloud infrastructure, consider these five factors to ensure you are doing so securely.
Traditional security solutions might not work in the cloud
In Crowd Research Partners’ “2018 Cloud Security Report,” 84 percent of survey respondents said traditional security tools don’t work in the cloud or have limited functionality.
From signature-based antivirus solutions to the inability to monitor login behavior on cloud applications, traditional solutions are usually too rigid and focused on internal traffic to effectively secure the cloud solution. Be sure to evaluate the solutions you’re using to ensure they will address your security needs in the cloud.
Responsibility is shared, not eliminated
In legacy environments, the onus is on you to encrypt and protect data on-premises. Once you enter the cloud, the vendor now takes on some of those responsibilities. But not everything.
Moving to the cloud demands a new, shared responsibility model. It begins by doing your due diligence to ensure your cloud provider has strong infrastructure security. Next, you must work to close the gap by configuring and managing controls, encrypting data and taking charge of where your data is left vulnerable.
Every cloud flavor comes with a different operating model
The single biggest threat to cloud security is misconfiguration, according to the “2018 Cloud Security Report.” This issue is exacerbated by the fact that every different “flavor” of cloud, from SaaS to PaaS and IaaS, demands a different set of requirements and configuration approaches.
Simply put, the cloud model you pursue will determine your responsibility as a consumer of cloud services, and the configurations you need to make to ensure security. Evaluate these models carefully to ensure you choose a model that’s right for your organization.
Modern workplace demands an evolution in security
Digital transformation has created a modern workplace experience, giving users access to data from anywhere on any device. Data is continually moving across endpoints and boundaries. Collaboration with third parties where data is shared is also prevalent.
Organizations need to deal with these changes with a cloud security model that secures access without slowing things down. If security adds too much friction to the end user, they will either not use the new tools or find a way around them. Both are damaging to your modern workplace goals.
Cloud threats are evolving at uber-fast pace
Keeping up with growing threats without leveraging the scale and sophistication of cloud providers is nearly impossible. If you are in the cloud and not using automation, AI and machine learning (ML), you might be putting your organization at undue risk.
That’s because the bad guys are also using the latest and greatest tech—AI, malware automation and polymorphism—to evade traditional detection mechanisms and launch attacks.
What’s needed to secure your cloud transformation?
Cloud transformation starts with a comprehensive assessment of your cloud security posture from a technology, process, people and organizational capability perspective.
With those insights, you will be able to chart a comprehensive security posture that spans your on-premises and cloud environments, giving you visibility and control across the ecosystem.
A modern strategy with the right configuration, technologies, governance, controls and identity management is essential in making sure your cloud strategy is secure.