As cloud computing
becomes more sophisticated and mainstream, the shift to the public
cloud is gaining tremendous traction. With big-brand clouds (Amazon Web
Services, Google Cloud Platform and Microsoft Azure) fast evolving, more
and more enterprises are moving away from private clouds. However,
security is justifiably a top concern when moving applications and data
into the public cloud. Some of the questions foremost on everyone’s mind
are: How secure is my data? What will happen if there is a breach with
the public cloud vendor? How do I ensure that my data is properly
protected in this case?
Security is ultimately a shared
responsibility between the company and the public cloud vendor.
According to Forrester, cloud success comes from mastering the “uneven
handshake”. While cloud vendors are typically responsible for securing
the data center, infrastructure and hypervisor, the onus is on you, as a
consumer, to close this gap with the necessary OS, users, applications,
data and of course, security – in tandem with the vendor.
Journeying to the Public Cloud
The
key is to find a cloud provider that fits best for your business. This
means you need to thoroughly vet potential vendors and conduct a full
risk assessment prior to signing any contract. Considering the fact that
different cloud service providers provide varying levels of security,
it is best to look at their security and compliance
activities and choose one with transparent processes. Once this
decision has been made, the next step is to take into account the
various security risks and chart possible solutions to create a secure
cloud environment.
Here are 5 steps to best protect data in the public cloud:
Intelligent Encryption
Encryption
is a vital security component of any organization and it is all the
more important when transferring and storing sensitive data in the
cloud. It ensures data confidentiality thus mitigating the risk of data
loss or theft in the case of a breach in the cloud. This focus on the
data itself rather than placing full emphasis on the infrastructure for
protection goes a long way in ensuring that data stays safe even if the
network or perimeter security is compromised.
Strict Identity Management and Access Control
An
effective identity management strategy for the cloud can be summed up
under the three ‘As’ – access, authentication and authorization.
Consumers must ensure that only trusted and authorized users can access
the public cloud data through a strong identity management system.
Additional layers of authentication measures further help in ensuring a
controlled cloud environment. An important note here is to find a good
balance between security and developer performance.
Smart Security at All End-points
In
most cases, physical security is covered by the cloud provider
through regular audits and certifications from accreditation bodies. In
certain industries like healthcare, finance and defense, it is a
regulatory mandate that there be security at all points along the data
path – be it entering or exiting the corporate network or moving along
to the cloud and in the cloud itself. However, as a general trend in
today’s cloud and BYOD era, it is of utmost importance that the consumer
ensures some hardware necessities and best practices for end-point
security in addition to the cloud security measures. Mobile devices in
particular pose a unique challenge as, despite best intentions, users
generally do not prioritize securing them. Unfortunately, this results
in exposing potential access points to sensitive corporate data. Strong
end-point measures typically should encompass mobile/on-device
protection, next generation firewalls, network intrusion systems, VPN
and up-to-date security architectures.
Real-time Monitoring & Incident Response
As
part of the shift to a “prevent and control attack” mindset, real-time
monitoring through analytics and forensics enables consumers to identify
attacks early in the breach lifecycle. Instant alerts and automatic
data collection through analytics enable rapid forensics and insights
into behavior from endpoint to the cloud. Armed with these insights,
security teams can identify potential risks and patterns in real-time,
while also determining the path for immediate remediation.
Organizations should also focus on enterprise level visibility for
hosted applications in the cloud in conjunction with the cloud provider,
thus providing a multi-pronged approach for quick detection and
incident response for security issues.
Strong Governance Framework
A governance framework is an essential tool that will enable your IT security
team to assess and manage all risks, security and compliance related to
the organization’s cloud environment. The crux of this framework is
that it needs a synergy between security, IT, business and the
organization itself for a secure cloud. A strong framework typically
encompasses stringent security policies, audit compliance, identity
management, security control tools, a BYOD policy and a contingency
plan. But to ensure true compliance with cloud policies, organizations
have to work closely with IT security teams to understand the unique
challenges of cloud security and ways to protect sensitive data
workloads. Additionally, educating and training users to comply with the
organization’s cloud policies can go a long way in achieving
compliance.
Cloud computing is revolutionizing the way enterprises
operate in today’s world with a slew of cost benefits and tremendous
economies of scale. As with any other investment, it is your
responsibility to ensure that the cloud is protected as much as possible.
With a robust set of security processes, tools, a clear BYOD-compatible
cloud computing strategy and a strong governance
framework in place, there is a significant reduction in risk as you
embark into the cloud. And the future is yours as long as your
organization continuously adapts to stay agile and competitive in a fast
evolving cloud technology landscape.