Security First in the Cloud Wars
“The Cloud Wars” may be dominating IT news headlines, but what does this phrase actually mean? And is it something that an enterprise needs to be concerned with?
Beyond the ongoing battle for market dominance between the three biggest cloud players – Amazon, Microsoft and Google – it is a highly competitive and disruptive sector, ripe with smaller, niche players too. Enterprises are using cloud services for everything from hosting workloads to running or accessing software-as-a-service applications, with a focus on growing their business.
Unfortunately, security best practices tend to take a backseat when enterprises operate with the assumption that the responsibility falls solely on the cloud provider. Businesses moving quickly to keep up with the speed of the cloud may not give security the true investment it demands, considering today’s fast-moving threat and compliance landscapes. What’s worse is that by the time they realize this, it could be too late.
An Unexpected Victory for Enterprises
The good news is cloud providers do take security seriously. They prioritize the expected basics of secure passwords and multi-factor authentication, as well as user analytics that can monitor for abnormal user access – whether an unusual time, device or location. More recently, strong physical security, such as laser-beam intrusion technology, is also coming into play to keep the bad guys out.
Most providers adopt sandbox development areas for system tests, in addition to flexible and extensible software stacks with different levels of hardening built in. Earlier this year at Google Cloud Next, the company announced more than 30 new security-related features. From identify and access management offerings to fortified t
hreat protections, the underlying commitment was evident – to make the platform more secure.
There are certain security benefits that can be gained from the size and scale of cloud providers that directly translate to enterprise customers. For example, if a cloud workload is subject to an attack, the cloud provider will work to understand what happened and ensure protective controls are established to prevent similar attacks in the future. The clear advantage here is that any protection put in place for a single customer will automatically protect any cloud customers on that platform against the same threat.
Another challenge is the relative scarcity of good cloud security specialists, as this is a new space and, therefore, the pool of skilled engineers available is even more reduced. This means that not only is getting the right people hard, but also retaining those people for ongoing maintenance of the cloud proves difficult since they are so in-demand on the jobs market.
The growth of cloud providers has enabled them to pick, choose and hire the best security talent in the market, as well as ensure they can offer the best security solutions. Cloud providers are not only well-protected, but also able to offer sound advice that comes from the experience of managing millions of workloads across the cloud.
Preparing for the Larger War
As much as cloud providers can do for security, however, this does not mitigate the responsibility of an enterprise to ensure they carry out their due diligence before moving workloads into the cloud. Security cannot be entirely outsourced to cloud providers. If a workload is breached in the cloud, or data is stolen from a workload, the enterprise owner is liable.
The most effective approach for enterprises is network-based security. It’s crucial for enterprises to think holistically about security and leverage the entire network to fortify security postures.
While cloud providers will continue to fortify their platforms, this is only one piece of the puzzle. As organizations migrate to the cloud, add additional clouds and continue to connect IoT devices across the network, end-to-end security becomes even more important. We’re at an inflection point where enterprises are evolving beyond single premises IT deployments and embracing multicloud for their transformations. Organizations need automated, repeatable security that connects the entire network for detection and enforcement.
Securing Victory with a Network-Based Approach
A network-based security approach allows enterprises to reap these benefits while leveraging the entire network to create a security architecture the includes automation, orchestration and interconnectivity. This helps alleviate the burden on stretched security teams that are forced to handle too much data and too many workloads to effectively defend their organization.
The Cloud Wars are having an overall positive impact on security that enterprises need to capitalize on now. Even though there are security challenges during and after the cloud migration process, the undeniable traction of cloud adoption has raised cybersecurity to top of mind as decisions are made.
As more enterprises consider cloud adoption, it is the opportune time to ensure security is a central component of all cloud migration strategies and embedded more broadly throughout the entire network. As the war rages on, enterprises have an opportunity to enhance security and shore up defences against the real threat – cybercriminals.