Cloud Security: The challenges and Our Responsibilities
By Taradutt Pant | June 28, 2019
As the innovation in technology continues to rise, the demand for technology which quickly scales, integrates and delivers efficiency for businesses also increases. In recent years modern businesses are moving towards more flexible, powerful and reliable IT environments – and that’s where the cloud excels. According to IDG’s Enterprise Cloud Computing Survey, it is estimated that 70% of all organizations use the cloud for at least one application and its related data. Cloud has provided the organizations with great possibilities to grow, but at the same time, it brings great vulnerabilities and immense responsibilities for the organization to keep the data protected from all possible threats. With rising cybercrime across the globe, businesses are at continuous risk of exposing critical data on unsecured servers. Additionally, while migrating to cloud infrastructure customers face some challenges such as,
- Rapid scaling to a cloud environment and losing visibility of cloud assets which threatens the existing security posture
- Manual configuring of security policies to maintain the security posture in their cloud environments
- Creating custom policies and mapping internal governance requirements.
- Accommodate changing internal and regulatory requirements for compliance
- DevOps is struggling with the demand to roll out services and needs a way to implement and test security and compliance early in the CI/CD pipeline.
To create a robust cloud security strategy which can overcome the stated challenges an organization should account for their existing and future cloud computing needs; examining potential security risks; auditing existing security practices; analyzing gaps between current cloud security and determining SLAs from the existing cloud service provider.
The organizations need to select the right mix of cloud solutions and vendors which can offer maximum protection, prevent misconfigurations and enable cloud to stay agile and elastic. Some of the critical aspects of cloud security should include
- Network Security to provide visibility into cloud network topology and analysis of native control configuration.
- Compliance Engine to validate your cloud security posture against PCI-DSS, HIPAA, GDPR, NIST, CIS and more; should provide easily customizable governance language to build your own policy; auto-remediation actions like suspending a user or quarantine server.
- Privilege Identity Protection to monitor, protect and control superuser accounts while enabling advanced privileges.
- Cloud Threat Intelligence to analyze live network traffic and audit events against the current environment configuration. Alert on the user and specific cloud events and auto-start remediation flow.
In order to achieve long term business objectives organizations often prefer to choose a cloud solution provider (CSP). Organizations must factor the reliability and capability of a service provider that is entrusted with organization’s applications and data. It is equally important that organization should consider how security and compliance are managed by the cloud solution provider (CSP) enabling a safe computing solution. In addition, many organizations considering public cloud computing, “mistakenly assume that after moving to the cloud their role in securing their data shifts most security and compliance responsibilities to the CSP”. Here important factors need to be taken into consideration while moving to public cloud, understand how various cloud service models (IaaS, PaaS, SaaS) will affect the cost, ease of use, privacy, security, and compliance.